some pathetic sh!t has been trying to get into port 1024 on my systems for the past 20+ hours...below is the info i copied from my firewall log and the whois info....i've emailed the log to Road Runner abuse, etc....
what is port 1024 (DNS?) for and should i be concerned?
-win2000 pro w/ sp2 + Code Red patch
-norton 2001 AV
-sygate personal firewall
08/26/2001 02:30:16 Blocked UDP Incoming 24.160.227.33 53 192.168.0.2 1024 16 08/26/2001 02:29:19 08/26/2001 02:30:04 GUI%GUICONFIG#SRULE@NBENABLEYOU#BLOCKALL
29280 08/26/2001 02:30:52 Blocked UDP Incoming 24.160.227.33 53 192.168.0.2 1024 8 08/26/2001 02:30:15 08/26/2001 02:30:37 GUI%GUICONFIG#SRULE@NBENABLEYOU#BLOCKALL
--------------------------------------------------------------------------------------
WHOIS info:
ServiceCo LLC - Road Runner (NET-ROAD-RUNNER-5)
13241 Woodland Park Road
Herndon, VA 20171
US
Netname: ROAD-RUNNER-5
Netblock: 24.160.0.0 - 24.170.127.255
Maintainer: SCRR
Coordinator:
ServiceCo LLC (ZS30-ARIN) abuse@rr.com
1-703-345-3416
Domain System inverse mapping provided by:
DNS1.RR.COM 24.30.200.3
DNS2.RR.COM 24.30.201.3
DNS3.RR.COM 24.30.199.7
DNS4.RR.COM 65.24.0.172
Record last updated on 06-Aug-2001.
Database last updated on 25-Aug-2001 23:08:46 EDT.
The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.
hacking attempt...
-
MegaVectra
- Posts: 2699
- Joined: Thu Nov 23, 2000 5:33 am
- Location: WV
- Contact:
Here is what I found on port 1024.
1024 tcp Reserved - IANA
1024 tcp NetSpy - trojan
1024 udp Reserved - IANA
I get scanned all the time with connection attempts to ports 27374 and 12345. It's probaby just a trojan infected pc trying to spread itself or someone scanning to find an infected pc to connect to.
1024 tcp Reserved - IANA
1024 tcp NetSpy - trojan
1024 udp Reserved - IANA
I get scanned all the time with connection attempts to ports 27374 and 12345. It's probaby just a trojan infected pc trying to spread itself or someone scanning to find an infected pc to connect to.
