[plug] Attempted Intrusions
Tim White
weirdo at tigris.org
Tue Oct 26 16:12:29 WST 2004
Marc Wiriadisastra wrote:
> I just changed it to port 26 it looks like there isn't anything there
> using it according to the services file.
I'm just thinking it may be an idea to pick a really high port (>1024
for a start, >10000 is nice) that has obscure numbers (e.g. not 12345,
maybe 492716) as a port scanner will normally scan the first 1024 ports
if it isn't looking for a specific service. Besides, hackers know that
people move services around onto different ports. A number that is high
and obscure takes a while to find (by which stage your NID script would
have definitely kicked in)
Tim
p.s. I take no responsibility for which port you choose.
--
Tim White
PGP/GPG id: 602E944D, Pub Key Serv: subkeys.pgp.net
Fingerprint: 04C2 9682 B7B2 3006 009D A9F3 067E EDCD 602E 944D
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20041026/a8dbdb1e/attachment.pgp>
More information about the plug
mailing list