Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp rdrmshc RDRMSHC
udp rdrmshc RDRMSHC
Top IPs Scanning
Today Yesterday
91.240.118.215 (90)93.123.39.98 (83)
64.39.106.86 (8)64.39.106.43 (8)
101.6.21.12 (6)109.205.213.108 (4)
38.110.46.254 (5)74.50.67.171 (3)
167.94.138.103 (2)212.70.149.54 (3)
104.45.12.40 (2)174.172.61.68 (2)
18.116.198.167 (2)185.137.234.200 (2)
185.199.103.188 (1)198.73.1.62 (2)
109.205.213.115 (1)167.94.145.87 (2)
62.122.184.82 (1)89.248.163.62 (1)
User Comments
Submitted By Date
Comment
A K Bressen 2004-02-24 17:22:54
There is something out there that tries ports 1075, 3128, 4588, 6588, and 8080 and uses a tcp sequence number of 666666. I've found this signature in my logs a few times during Fall 2003 and Winter 2004, and someone else mentioned it at http://seclists.org/lists/security-basics/2003/Jun/0877.html but a quick websearch showed no positive id. While other things have tried ports 6588 and possibly 3128 or 8080, only this beastie has tried 1075 and 4588.
CVE Links
CVE # Description