Thinking...
[get complete service list]
Top of page
Top of page
Port Information
Protocol Service Name
tcp rdrmshc RDRMSHC
udp rdrmshc RDRMSHC
Top IPs Scanning
Today Yesterday
109.205.213.35 (7)109.205.213.35 (22)
37.230.105.167 (2)148.113.212.55 (20)
45.147.46.32 (2)31.14.32.8 (15)
34.201.223.223 (2)5.230.73.152 (9)
103.72.97.100 (2)78.128.114.46 (7)
96.11.214.62 (1)79.124.62.122 (4)
173.239.247.12 (1)68.36.134.98 (4)
165.154.129.74 (1)62.60.131.55 (2)
34.148.221.78 (1)152.32.235.36 (2)
77.83.36.159 (1)43.160.248.248 (2)
User Comments
Submitted By Date
Comment
A K Bressen 2004-02-24 17:22:54
There is something out there that tries ports 1075, 3128, 4588, 6588, and 8080 and uses a tcp sequence number of 666666. I've found this signature in my logs a few times during Fall 2003 and Winter 2004, and someone else mentioned it at http://seclists.org/lists/security-basics/2003/Jun/0877.html but a quick websearch showed no positive id. While other things have tried ports 6588 and possibly 3128 or 8080, only this beastie has tried 1075 and 4588.
Top of page
CVE Links
CVE # Description
Top of page