I think that it has more to do with W32.Opaserv.Worm. Apparently, Symantec raise it from a Catergory 2 to a Catergory 3 yesterday due to increased submissions in the past couple of days.
You can find more info here: http://www.symantec.com/avcenter/venc/data/pf/w32.opaserv.worm.html Neil Blake BSC-CSA Ottawa, Ont Canada 613.799.2420 -----Original Message----- From: Sean Knox [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:57 PM To: Ferry van Steen Cc: [EMAIL PROTECTED] Subject: Re: Increase in port 137 scans -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Perhaps it is related to the NetBIOS DoS that surfaced in August? http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/ MS02-045.asp Sean Ferry van Steen wrote: |Hey there, | |did anyone else notice a huge increase in port 137 scans (UDP)? Usually I |had perhaps 1 a day of those. Now I've seen atleast 10 in the past 2 hours |alone. | |Kind regards, | |Ferry van Steen |InfoPart Automatisering B.V. |Beeksestraat 24 |4841 GC Prinsenbeek |The Netherlands |Phone: +31 (0)76 - 5 44 04 11 |Fax: +31 (0)76 - 5 41 83 51 |Mobile: +31 (0)6 - 28 46 47 45 |E-Mail (business): [EMAIL PROTECTED] |E-Mail (private): [EMAIL PROTECTED] |MSN Messenger: [EMAIL PROTECTED] |ICQ (UIN (seldom used)): 191458 | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.1.91-nr1 (Windows 2000) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE9meHzNOzjeoYDmEQRAh4/AKDgkZU79vbqPQqEs72J6dgfDETnGQCgnJgR lO0LBwqPIvsPhplzRfgA/Og= =S3ql -----END PGP SIGNATURE-----
smime.p7s
Description: application/pkcs7-signature
