Thinking...
[get complete service list]
Top of page
Port Information
Protocol Service Name
tcp gs400-nas Linux backend of Gateway GS-400 NAS
Top IPs Scanning
Today Yesterday
104.156.155.5 (14)51.161.174.170 (27)
79.124.58.238 (8)109.205.213.35 (9)
109.205.213.35 (8)207.90.244.2 (9)
147.185.133.63 (5)64.23.161.101 (7)
5.182.38.19 (5)143.198.150.150 (7)
207.90.244.26 (5)192.155.84.194 (7)
185.243.5.186 (4)146.190.149.252 (7)
35.203.211.146 (4)80.82.77.139 (6)
94.26.88.59 (4)147.185.133.175 (6)
35.203.211.64 (4)162.216.150.29 (6)
Port diary mentions
URL
Samba - Buffer Overrun, HP Remote Command Execution, Top 15 Worms, Hosts File, SasserDabber Activity
Top of page
User Comments
Submitted By Date
Comment
2004-10-28 05:52:40
dabber variant scans for this port
2004-06-21 17:07:13
W32.Sasser.G Discovered on: June 10, 2004 Last Updated on: June 11, 2004 02:58:37 PM http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.g.html Uses different port numbers, used by FTP server and the remote shell: 1023 and 1022. Has an updated routine for finding vulnerable computers. W32.Sasser.G sends an ICMP echo request before attempting to make a connection. This change may prevent the worm from properly executing on Windows 2000 systems. W32.Sasser.G can run on, but not infect, Windows 95/98/Me computers. Although these operating systems cannot be infected, they can still be used to infect vulnerable computers.
Morten Skeldal 2004-06-15 17:24:04
Sasser.E installs an FTP-server on this port
2004-05-24 04:13:16
Sasser.E http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.e.worm.html
Top of page
CVE Links
CVE # Description
Top of page