-
April 25th, 2002, 08:54 PM
#1
Member
Verizon & roadrunner Security
Okay......Bear with me now a moment.
After a documented 25 emails to verizon security,and
another handfull to r.r security.i must ask fellow ao buddies
for help! or advice.
Saving a security alert for an inbound tcp connection trying
my 27374 port i sent all the information exactly as required
by verizon security; (copy paste log file/plain text format then
e-mail).
Okay now multiply that by 3 (diverse) times and include miscallaneous
attempts to connect by remote computers,that i tracert'ed to be verizon
computers?
Now to make a long story shorter...no response's from said security
administrators and only contact is via email? (this is funny) the
tech support at verizon as we were talking on the phone
i said well...... if you needed too contact security
right now, to inform them of a fire in the building what number would
you dial?(because they couldnt give me a telephone number) and they
said we dont have a number miss, there is only an email address!!!!!!!
So whats a person to do?
in another "unrelated" post someone mentioned sending some to a http:
blackhole?
any and all help highly appreciated
-
April 25th, 2002, 09:22 PM
#2
Hmmmm, Maybe your traceroute shows you the Verizon server?
If anything get a firewall and block all access to unused ports (>1024 and <2000)
Another reason why I dont think its Verizon is because 27374 is the default port for the new version of SubSeven.... 27374 is one of the default ports of the BackDoor-G2.svr.gen trojan, more commonly known as SubSeven. It is the current (as of May 2001) trojan of choice for most DDoS attacks and clone attacks on specific services, such as IRC. Scans of this port are often accompanied by scans of port 1243, another default SubSeven port of older versions
If you want you could check here for more port lists or here for information on detecting and removing ALL versions of SubSeven...
-
April 25th, 2002, 09:59 PM
#3
Member
No verizon wasnt the sub seven attempt by any means sorry for the lack of info
on my part but it is verizon on the remote attempts,and i was informed that by
no means should verizon ever attempt a connection with my ports like that
unless they inform me first and have request i shut the firewall down they said.
im protected fine and updated on patches etc.hardware/software firewall
I know it's easy to access most peoples data,i for one dont attempt too.
On the other hand i feel as though if you are maliciously trying to access my
data i can legally protect myself by any means known.
Look at :for instance that idiot posting the link that crashed "most" systems.
That is taking advantage of a vunerability.
it would be cool if my firewall could be programmed to determine a legitamite
or malicious attempt to connect and as a true body guard act accordingly not just
snitch them out and .......nothing else.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|