It may be someone scanning for certain exploitable RPC serives running
on high UDP ports or it could just be some type of UDP "pinging" utility
(traceroute clone) used to find active hosts on a network.
HD Moore
http://nlog.ings.com
> On Mon, 30 Aug 1999, Dave Gillett wrote:
>
> > Somebody recently scanned our address range using UDP; all packets had
> > source port #31790 and dest port #31789. That looks likely to be a trojan,
> > but I don't recognize it as the default port numbers of any one I have info
> > on. ANybody recognize it?
> >
> >
> > David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
