Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-04-29 InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Port 1025 increase, MS04-11 update problems

Published: 2004-04-29
Last Updated: 2004-04-30 02:59:15 UTC
by Davis Sickmon (Version: 1)
0 comment(s)
Microsoft has released a KB article on problems with the MS04-11 update causing problems on some machines including losing the ability to login or failure to respond after rebooting. If you've ran into this problem, or are preparing to deploy MS04-11, you can read up on the problem and the solution here:;EN-US;841382

There's been an increase in Port tcp/1025 activity. NetCat data shows that the increase was from dcom exploit - something included in the Metasploit 2 framework, which could explain the increase. Traffic shows the typical 'MEOW' string.

Handler on Duty, Davis Ray Sickmon Jr
0 comment(s)
Diary Archives