From: Christine Kronberg (Christine_Kronberg@genua.de)
Date: Mon Sep 12 2005 - 03:42:50 EDT
On Sat, 10 Sep 2005, Mohamed Abdel Kader wrote:
> I have recently been doing some scans and in some cases nmap returns many
> ports to be open. the weird thing is that the ports are sequential.
> i know many of you might be tempted to say its a honeypot but i know for a
> fact its not. does anyone know why does this happen and how?
I've seen that, too. But only with nodes which turned out to be
spam distributors. I wonder if there is a connection between the
software used to gain access and send spam and the observed open
ports behaviour.
Cheers,
Chris Kronberg.
-- GeNUA mbH ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT