Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: Port 1023 (tcp/udp) Attack Activity - SANS Internet Storm Center Port 1023 (tcp/udp) Attack Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
[get complete service list]
Port Information
Protocol Service Name
tcp gs400-nas Linux backend of Gateway GS-400 NAS
Top IPs Scanning
TodayYesterday (50) (858) (11) (741) (8) (741) (8) (741) (8) (740) (6) (739) (6) (701) (4) (663) (4) (663) (4) (662)
Port diary mentions
Samba - Buffer Overrun, HP Remote Command Execution, Top 15 Worms, Hosts File, SasserDabber Activity
User Comments
Submitted By Date
2004-10-28 05:52:40
dabber variant scans for this port
2004-06-21 17:07:13
W32.Sasser.G Discovered on: June 10, 2004 Last Updated on: June 11, 2004 02:58:37 PM Uses different port numbers, used by FTP server and the remote shell: 1023 and 1022. Has an updated routine for finding vulnerable computers. W32.Sasser.G sends an ICMP echo request before attempting to make a connection. This change may prevent the worm from properly executing on Windows 2000 systems. W32.Sasser.G can run on, but not infect, Windows 95/98/Me computers. Although these operating systems cannot be infected, they can still be used to infect vulnerable computers.
Morten Skeldal 2004-06-15 17:24:04
Sasser.E installs an FTP-server on this port
2004-05-24 04:13:16
Add a comment
CVE Links
CVE # Description