Port 12345

Discussion in 'Computer Security' started by CuriousK, Sep 23, 2004.

  1. CuriousK

    CuriousK Guest

    Any one have any thoughts on Netbus DST port 12345.

    I have been getting numerous scans on this port. I remember this being
    a "old school" hack.

    Is there some software, exploit, bot in Microsoft causing this to show
    up in my firewall log.

    Thanks

    CK
     
    CuriousK, Sep 23, 2004
    #1
    1. Advertising

  2. CuriousK

    Bit Twister Guest

    On Thu, 23 Sep 2004 08:26:11 -0400, CuriousK wrote:
    > Any one have any thoughts on Netbus DST port 12345.
    >
    > I have been getting numerous scans on this port.


    Trend http://www.dshield.org//port_report.php?port=12345

    top 10 http://www.dshield.org/


    > Is there some software, exploit, bot in Microsoft causing this to show
    > up in my firewall log.



    Adore sshd, cron / crontab, Whack Job, ValvNet, Pie Bill Gates, NetBus
    worm, NetBus Toy, NetBus, Mypic, GabanBus, Fat Bitch trojan, Ashley,
    X-bill, Fade, icmp_pipe.c
     
    Bit Twister, Sep 23, 2004
    #2
    1. Advertising

  3. CuriousK

    CuriousK Guest

    Thanks for the site. I was there earlier and saw how there is a big spike
    on September 20th. Seems to be a lot of reports in about this

    But what I am wondering, is there a worm that is causing this
    because in the past this port was used to gain control of an operating
    system.

    Thanks in advance for any reply offered.

    CK


    Bit Twister wrote:

    > On Thu, 23 Sep 2004 08:26:11 -0400, CuriousK wrote:
    > > Any one have any thoughts on Netbus DST port 12345.
    > >
    > > I have been getting numerous scans on this port.

    >
    > Trend http://www.dshield.org//port_report.php?port=12345
    >
    > top 10 http://www.dshield.org/
    >
    > > Is there some software, exploit, bot in Microsoft causing this to show
    > > up in my firewall log.

    >
    > Adore sshd, cron / crontab, Whack Job, ValvNet, Pie Bill Gates, NetBus
    > worm, NetBus Toy, NetBus, Mypic, GabanBus, Fat Bitch trojan, Ashley,
    > X-bill, Fade, icmp_pipe.c
     
    CuriousK, Sep 23, 2004
    #3
  4. CuriousK

    Moe Trin Guest

    In article <>, CuriousK wrote:
    >Thanks for the site. I was there earlier and saw how there is a big spike
    >on September 20th. Seems to be a lot of reports in about this
    >
    >But what I am wondering, is there a worm that is causing this
    >because in the past this port was used to gain control of an operating
    >system.


    No, it's a secret conspiracy by the NHL Players Association now that
    they're not going to be doing much for the next six weeks.

    Remember that most virus/worm/trojan writers are really pushing their
    skills trying to cut-and-paste exploit code into something that might
    work, and their brains go blank when they have to think of a secret
    number. Do you _realize_ how hard it was for some klown to think up
    the port number '27374'??? Expecting something less difficult to
    remember, like 6666 or 1234 or 12345 or even 54321 is more with their
    mental capabilities (though 65432 is probably stretching things to far).

    Old guy
     
    Moe Trin, Sep 25, 2004
    #4
  5. CuriousK

    donnie Guest

    On Fri, 24 Sep 2004 22:58:41 -0500,
    (Moe Trin) wrote:

    >In article <>, CuriousK wrote:
    >>Thanks for the site. I was there earlier and saw how there is a big spike
    >>on September 20th. Seems to be a lot of reports in about this
    >>
    >>But what I am wondering, is there a worm that is causing this
    >>because in the past this port was used to gain control of an operating
    >>system.

    >
    >No, it's a secret conspiracy by the NHL Players Association now that
    >they're not going to be doing much for the next six weeks.
    >
    >Remember that most virus/worm/trojan writers are really pushing their
    >skills trying to cut-and-paste exploit code into something that might
    >work, and their brains go blank when they have to think of a secret
    >number. Do you _realize_ how hard it was for some klown to think up
    >the port number '27374'??? Expecting something less difficult to
    >remember, like 6666 or 1234 or 12345 or even 54321 is more with their
    >mental capabilities (though 65432 is probably stretching things to far).
    >
    > Old guy

    ###################
    I missed the beginning of the thread but port 12345 was BO trojan
    (back orafice) if I remember correctly.
     
    donnie, Sep 25, 2004
    #5
  6. CuriousK

    Penguin_X Guest

    CuriousK wrote:
    > Any one have any thoughts on Netbus DST port 12345.
    >
    > I have been getting numerous scans on this port. I remember this being
    > a "old school" hack.
    >
    > Is there some software, exploit, bot in Microsoft causing this to show
    > up in my firewall log.
    >
    > Thanks
    >
    > CK
    >

    NetBUS ? LoL it's OLDDD
     
    Penguin_X, Sep 26, 2004
    #6
  7. CuriousK

    CuriousK Guest

    I understand that it's a "old school" hack.

    I have been reading numerous reports about the increase activity of the
    port. I am wondering is there a worm/exploit using it in some way. I can't
    believe that it's being done manually. It just doesn't make sense.

    Thanks in advance for any reply regarding this topic.

    CK


    Penguin_X wrote:

    > CuriousK wrote:
    > > Any one have any thoughts on Netbus DST port 12345.
    > >
    > > I have been getting numerous scans on this port. I remember this being
    > > a "old school" hack.
    > >
    > > Is there some software, exploit, bot in Microsoft causing this to show
    > > up in my firewall log.
    > >
    > > Thanks
    > >
    > > CK
    > >

    > NetBUS ? LoL it's OLDDD
     
    CuriousK, Sep 27, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Weiguang Shi
    Replies:
    1
    Views:
    4,612
  2. Jon Whitear
    Replies:
    2
    Views:
    2,359
    Jon Whitear
    Nov 4, 2003
  3. Dmitry
    Replies:
    0
    Views:
    3,701
    Dmitry
    Apr 1, 2004
  4. John
    Replies:
    0
    Views:
    654
  5. John
    Replies:
    0
    Views:
    722
Loading...

Share This Page