[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] New Blaster variant using UDP port 1038? 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">


<META content="MSHTML 6.00.2800.1170" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2><SPAN class=644224617-14082003>We're starting to 
see exploit attempts that are followed by probes from the infected host on 
tcp/4444, and then UDP/1038.&nbsp; Has anyone else seen 
this?</SPAN></FONT></DIV></BODY></HTML>