I tool a look at my firewall last night, and I am also getting NUMEROUS port 137 scans. It very well could be the same vulnerability, but I'm expecting something knew to surface.
-----Original Message----- From: Sean Knox [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 10:57 AM To: Ferry van Steen Cc: [EMAIL PROTECTED] Subject: Re: Increase in port 137 scans -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Perhaps it is related to the NetBIOS DoS that surfaced in August? http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS 02-045.asp Sean Ferry van Steen wrote: |Hey there, | |did anyone else notice a huge increase in port 137 scans (UDP)? Usually I |had perhaps 1 a day of those. Now I've seen atleast 10 in the past 2 hours |alone. | |Kind regards, | |Ferry van Steen |InfoPart Automatisering B.V. |Beeksestraat 24 |4841 GC Prinsenbeek |The Netherlands |Phone: +31 (0)76 - 5 44 04 11 |Fax: +31 (0)76 - 5 41 83 51 |Mobile: +31 (0)6 - 28 46 47 45 |E-Mail (business): [EMAIL PROTECTED] |E-Mail (private): [EMAIL PROTECTED] |MSN Messenger: [EMAIL PROTECTED] |ICQ (UIN (seldom used)): 191458 | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.1.91-nr1 (Windows 2000) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE9meHzNOzjeoYDmEQRAh4/AKDgkZU79vbqPQqEs72J6dgfDETnGQCgnJgR lO0LBwqPIvsPhplzRfgA/Og= =S3ql -----END PGP SIGNATURE-----