-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 December 2001 07:35 pm, Edward Dekkers wrote: > Have been getting a lot of Active System attacks on this port lately. > It is not listed in my /etc/services. > > Does anyone know what uses this port? Or point me in the direction to > find out?
It's a fairly popular trojan port. According to: http://www.simovits.com/trojans/trojans.html It is used by (at least) the following trojan programs: port 12345: Adore sshd, Ashley, cron / crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, ValvNet, Whack Job, X-bill - -D - -- pgp key: http://www.tuxfan.homeip.net:8080/pgpkey.txt - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8IojKeMAUbzJhSVcRAuUgAKCD93KwT3V2B489XVcg4EEVLo20pQCdEfy2 9e+Ug/hEeYCDN1aJQHNbjIM= =M/gO -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list