[Snort-users] port 12345

J. Craig Woods drjung at ...2066...
Wed Mar 27 14:29:01 EST 2002

"Sean T. Ballard" wrote:
> Netbus is a well known and widely used windows trojan horse. That
> traffic is probably someone scanning for hosts running default netbus
> servers with null passwords. You should only worry if that traffics is
> originating from your network or connecting to servers on your DMZ.
> -Sean

Thanks to everyone for the great responses. Being more familiar with
UNIX/Linux, I guess this windows' trojan got by me (info that is, not
the actual bad boy itself). Must be great to pay so much to be so
vulnerable :-)

J. Craig Woods
UNIX/NT Network/System Administration

-Art is the illusion of spontaneity-

More information about the Snort-users mailing list