Date: Wed, 12 Aug 1998 08:43:35 +0300 From: Seppo Kallio <kallio@beeblebrox.cc.jyu.fi> To: bmah@CA.Sandia.GOV, freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <19980812084335.G605@beeblebrox.cc.jyu.fi> In-Reply-To: <199808120110.SAA14483@stennis.ca.sandia.gov>; from Bruce A. Mah on Tue, Aug 11, 1998 at 06:10:00PM -0700 References: <199808120110.SAA14483@stennis.ca.sandia.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 11, 1998 at 06:10:00PM -0700, Bruce A. Mah wrote: > A marginally off-topic question: Can anyone tell me what service uses UDP > port 31337? I have a FreeBSD box that has received and logged three packets > on this port in the last 24 hours: BO has same udp port: ---------------------------------------cut---------------------------- ISS Security Alert Advisory August 6th, 1998 Cult of the Dead Cow Back Orifice Backdoor Synopsis: A hacker group known as the Cult of the Dead Cow has released a Windows 95/98 backdoor named 'Back Orifice' (BO). Once installed this backdoor allows unauthorized users to execute privileged operations on the affected machine. ... * The server will begin listening on UDP port 31337, or a UDP port specified by the installer. You can configure RealSecure to monitor for network traffic on the default UDP 31337 port for possible warning signs. In order to determine if you are vulnerable: 1. Start the regedit program (c:\windows\regedit.exe). 2. Access the key ... ----------------------------------------------------------------------- -- Seppo Kallio kallio@cc.jyu.fi http://www.jyu.fi/~kallio To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980812084335.G605>