[Snort-users] Win* machines - port 139 scans

Michael Davis mike at ...92...
Mon Sep 25 23:29:35 EDT 2000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> etc. wide open.  How do you 'take over' a Win* machine?  I suppose
> some type of Trojan in the startup file or something like that?

Could be some sorta of Share-level password bruteforcer or someone
looming for shares with no passwords.

Just an idea.

 Michael Davis
Chief Technical Officer
Data Nerds, LLC.
http://www.datanerds.net
> Have other people been seeing this also?
> 
> --------------------------------------------------------------
> Jerry A. Shenk - MCNE, GIAC certified intrusion analyst
> Sr. Systems Engineer - Computer Networking Services
> D&E Communications, Inc.
> jshenk at ...514... (also jas at ...129...)
> 1-877-433-8632 Fax via efax: (603) 250-1453
> my website: http://jerryslinux.dyndns.org/jas
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOdAYHviUqZ9dnoKsEQLRwQCZAbqexLCV97jaCbDKSzNmn2d5kH0AoMNJ
88ZkxyuHdyUexuumcMBebiZ1
=VK8E
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list