I have gotten quite a few abuse cases from people "on the internet" that a
customer of mine is trying to access their NBNAME port (137/UDP). These
people are on regular dialups and the machine trying to access them is a
NT4 mailserver.
Anyone know of a NBNAME attack, or have an explanation to this behaviour?
The machine might be hacked, but I would like to know why it might be
scanning etc.
--
Mikael Abrahamsson email: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
