Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: TCP/UDP Port Activity - SANS Internet Storm Center TCP/UDP Port Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Sources
Targets
[show ascii data]


   

Port Information
Protocol Service Name
tcp icq icq instant messanger
[get complete service list]
User Comments
Submitted By Date
Comment
Lele 2004-10-28 05:16:08
This is the data contained in the packet: Frame 93 (709 bytes on wire, 709 bytes captured) Time delta from previous packet: 51.351791000 seconds Time since reference or first frame: 1998.591219000 seconds Frame Number: 93 Packet Length: 709 bytes Capture Length: 709 bytes Ethernet II, Src: 00:e0:63:xx:xx:xx, Dst: 00:04:75:xx:xx:xx Destination: 00:04:75:xx:xx:xx (3Com_xx:xx:xx) Source: 00:e0:63:xx:xx:xx (Cabletro_xx:xx:xx) Type: IP (0x0800) Internet Protocol, Src Addr: 210.106.58.88 (210.106.58.88), Dst Addr: xxx.xxx.xxx.xxx User Datagram Protocol, Src Port: 1613 (1613), Dst Port: 1027 (1027) DCE RPC Microsoft Messenger Service Operation: NetrSendMessage (0) Server Max Count: 19 Offset: 0 Actual Count: 19 Server: DIPLOMAS Client Max Count: 19 Offset: 0 Actual Count: 19 Client: You Message Max Count: 511 Offset: 0 Actual Count: 511 Message: \n\nObtain a prosperous future, money earning power,and the admiration of all.\n\nDiplomas from prestigious universities based on your present knowledge and life experience.\n\nNo required tests, classes, books, or interviews.\n\n I think it's a mass spam... couse the source ip is forged and my router are logging a lot of traffic like this... Lele from Italy (sorry for my english!)
2004-07-14 01:15:56
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-seki-up2.pdf
Add a comment
CVE Links
CVE # Description