What you are seeing, are various attempts to determine if any PC's within
your environement have been compromised with the Back Orifice trojan. Back
Orifice is a hacker's tool for remote administration of Windows 95/98 PC's.
For reference, Back Orifice by default uses UDP port 31337 (in hacker lingo,
"31337" is "eleet", or elite). There are various spin-offs, where it may use
31338 as well...
For further information on detection and removal instructions, you may
consider visiting "Threats to your Security on the Internet",
http://www.commodon.com/threat
Regards,
Don Kelloway
----- Original Message -----
From: rand hall <[EMAIL PROTECTED]>
To: Firewalls@lists. gnac. net <[EMAIL PROTECTED]>
Sent: Wednesday, April 07, 1999 10:31 AM
Subject: ports 31337 31338
> Recently we've had a lot of probing on ports 31337 & 31338.
>
> Any idea on what that might be?
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
