[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] port 1080
- Subject: Re: [cobalt-security] port 1080
- From: Ted Behling <TBehling@xxxxxxxxxxxxx>
- Date: Tue, 23 Oct 2001 13:24:28 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 12:20 PM 10/23/01, Kai r. s., euroweb as wrote:
In my logs I am getting used to port scans but yesterday I got like 100
records from this Ip:
Oct 22 09:05:43 attackalert: SYN/Normal scan from host:
dsl-64-128-180-129.telocity.com/64.128.180.129 to TCP port: 1080
What can this be, and is there some exploit regarding port 1080, lately it
seems that scans to port 1080 is getting more normal than the never ending
scans to port 111.
Port 1080 is used by Socks, which is a generic proxy service. If your
machine isn't listening on that port (run "netstat -nap"; look in the
"Local Address" column), don't worry about it. FYI, www.portsdb.org is a
good source to find out what services listen on what ports.
--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.
43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894 Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------