Hi, Had a client today have a inside user apparently doing DoS attack to a 24.x.x.x address (probably some cable broadband user) and all the traffic was from multiple src IPs (maybe spoofed) to dest tcp port 5773. I didn't see a copy of the trace but I had them plug a null/blackhole host route in router to stop it then they tracked down the PC, etc.
Anyway, was googling all over and checking other resources and couldn't lay my fingers on anything that uses tcp port 5773. Any one run across this before? Thanks, Erick __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com