New free online services...

Discussion in 'other software & services' started by Zhen-Xjell, May 30, 2002.

Thread Status:
Not open for further replies.
  1. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hey Paul, thanks. Very kool indeed. I'm running the UDP scan now.
    Will the email thingie work with Poco Email client?
    regards
    root
     
  3. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Paul, something funny going on with the UDP scan. I selected scan 30 ports and I finally had to stop it by closing the page after 100+ ports showed as being scanned in my firewall log. It was still running over and hour later. I am sure I selected 30 ports.
    Following is part of the attack detection log.
    5/30/2002 8:42:26 PM      Port scanned      209.120.142.179      UDP(55620) UDP(55619) UDP(5561:cool: UDP(55617) UDP(55616) UDP(55615)
    5/30/2002 8:42:26 PM      Connection request      209.120.142.179      UDP(55620)
    5/30/2002 8:42:24 PM      Connection request      209.120.142.179      UDP(55619)
    5/30/2002 8:42:22 PM      Connection request      209.120.142.179      UDP(5561:cool:
    5/30/2002 8:42:20 PM      Connection request      209.120.142.179      UDP(55617)
    5/30/2002 8:42:18 PM      Connection request      209.120.142.179      UDP(55616)
    5/30/2002 8:42:16 PM      Connection request      209.120.142.179      UDP(55615)
    5/30/2002 8:37:14 PM      Port scanned      209.120.142.179      UDP(55615) UDP(55614) UDP(55613) UDP(55612) UDP(55611) UDP(55610)
    5/30/2002 8:21:40 PM      Port scanned      209.120.142.179      UDP(55602) UDP(55601) UDP(55600) UDP(55599) UDP(5559:cool: UDP(55597)
    5/30/2002 8:11:18 PM      Port scanned      209.120.142.179      UDP(55594) UDP(55593) UDP(55592) UDP(55591) UDP(55590) UDP(55589)
    5/30/2002 8:11:18 PM      Connection request      209.120.142.179      UDP(55594)
    5/30/2002 8:11:16 PM      Connection request      209.120.142.179      UDP(55593)
    5/30/2002 8:11:14 PM      Connection request      209.120.142.179      UDP(55592)
    5/30/2002 8:11:12 PM      Connection request      209.120.142.179      UDP(55591)
    5/30/2002 8:11:10 PM      Connection request      209.120.142.179      UDP(55590)
    5/30/2002 8:11:09 PM      Connection request      209.120.142.179      UDP(55589)
    5/30/2002 8:06:08 PM      Port scanned      209.120.142.179      UDP(55590) UDP(55589) UDP(5558:cool: UDP(55587) UDP(55586) UDP(55585)
    5/30/2002 8:06:08 PM      Connection request      209.120.142.179      UDP(55590)
    5/30/2002 8:06:06 PM      Connection request      209.120.142.179      UDP(55589)
    5/30/2002 8:06:04 PM      Connection request      209.120.142.179      UDP(5558:cool:
    5/30/2002 8:06:02 PM      Connection request      209.120.142.179      UDP(55587)
    5/30/2002 8:06:00 PM      Connection request      209.120.142.179      UDP(55586)
    5/30/2002 8:05:58 PM      Connection request      209.120.142.179      UDP(55585)
    5/30/2002 8:00:57 PM      Port scanned      209.120.142.179      UDP(55586) UDP(55585) UDP(55584) UDP(55583) UDP(55582) UDP(55581)
    5/30/2002 8:00:57 PM      Connection request      209.120.142.179      UDP(55586)
    5/30/2002 8:00:55 PM      Connection request      209.120.142.179      UDP(55585)
    5/30/2002 8:00:53 PM      Connection request      209.120.142.179      UDP(55584)
    5/30/2002 8:00:51 PM      Connection request      209.120.142.179      UDP(55583)
    5/30/2002 8:00:49 PM      Connection request      209.120.142.179      UDP(55582)
    5/30/2002 8:00:47 PM      Connection request      209.120.142.179      UDP(55581)
    5/30/2002 7:55:45 PM      Port scanned      209.120.142.179      UDP(55581) UDP(55580) UDP(55579) UDP(5557:cool: UDP(55577) UDP(55576)
    5/30/2002 7:55:45 PM      Connection request      209.120.142.179      UDP(55581)
    5/30/2002 7:55:43 PM      Connection request      209.120.142.179      UDP(55580)
    5/30/2002 7:55:41 PM      Connection request      209.120.142.179      UDP(55579)
    5/30/2002 7:55:39 PM      Connection request      209.120.142.179      UDP(5557:cool:
    5/30/2002 7:55:37 PM      Connection request      209.120.142.179      UDP(55577)
    5/30/2002 7:55:35 PM      Connection request      209.120.142.179      UDP(55576)
    5/30/2002 7:50:33 PM      Port scanned      209.120.142.179      UDP(55576) UDP(55575) UDP(55574) UDP(55573) UDP(55572) UDP(55571)
    5/30/2002 7:50:33 PM      Connection request      209.120.142.179      UDP(55576)
    5/30/2002 7:50:31 PM      Connection request      209.120.142.179      UDP(55575)
    5/30/2002 7:50:29 PM      Connection request      209.120.142.179      UDP(55574)
    5/30/2002 7:50:27 PM      Connection request      209.120.142.179      UDP(55573)
    5/30/2002 7:50:25 PM      Connection request      209.120.142.179      UDP(55572)
    5/30/2002 7:50:23 PM      Connection request      209.120.142.179      UDP(55571)
    5/30/2002 7:45:22 PM      Port scanned      209.120.142.179      UDP(55572) UDP(55571) UDP(55570) UDP(55569) UDP(5556:cool: UDP(55567)
    5/30/2002 7:45:22 PM      Connection request      209.120.142.179      UDP(55572)
    5/30/2002 7:45:20 PM      Connection request      209.120.142.179      UDP(55571)
    5/30/2002 7:45:18 PM      Connection request      209.120.142.179      UDP(55570)
    5/30/2002 7:45:16 PM      Connection request      209.120.142.179      UDP(55569)
    5/30/2002 7:45:14 PM      Connection request      209.120.142.179      UDP(5556:cool:
    5/30/2002 7:45:12 PM      Connection request      209.120.142.179      UDP(55567)
    5/30/2002 7:40:10 PM      Port scanned      209.120.142.179      UDP(55569) UDP(5556:cool: UDP(55567) UDP(55566) UDP(55565) UDP(55564)
    5/30/2002 7:40:10 PM      Connection request      209.120.142.179      UDP(55569)
    5/30/2002 7:40:08 PM      Connection request      209.120.142.179      UDP(5556:cool:
    5/30/2002 7:40:06 PM      Connection request      209.120.142.179      UDP(55567)
    5/30/2002 7:40:04 PM      Connection request      209.120.142.179      UDP(55566)
    5/30/2002 7:40:02 PM      Connection request      209.120.142.179      UDP(55565)
    5/30/2002 7:40:00 PM      Connection request      209.120.142.179      UDP(55564)
    5/30/2002 7:34:58 PM      Port scanned      209.120.142.179      UDP(55564) UDP(55563) UDP(55562) UDP(55561) UDP(55560) UDP(55559)
    5/30/2002 7:34:58 PM      Connection request      209.120.142.179      UDP(55564)
    5/30/2002 7:34:56 PM      Connection request      209.120.142.179      UDP(55563)
    5/30/2002 7:34:54 PM      Connection request      209.120.142.179      UDP(55562)
    5/30/2002 7:34:52 PM      Connection request      209.120.142.179      UDP(55561)
    5/30/2002 7:34:50 PM      Connection request      209.120.142.179      UDP(55560)
    5/30/2002 7:34:48 PM      Connection request      209.120.142.179      UDP(55559)
    5/30/2002 7:29:47 PM      Port scanned      209.120.142.179      UDP(55560) UDP(55559) UDP(5555:cool: UDP(55557) UDP(55556) UDP(55555)
    5/30/2002 7:29:47 PM      Connection request      209.120.142.179      UDP(55560)
    5/30/2002 7:29:45 PM      Connection request      209.120.142.179      UDP(55559)
    5/30/2002 7:29:43 PM      Connection request      209.120.142.179      UDP(5555:cool:
    5/30/2002 7:29:41 PM      Connection request      209.120.142.179      UDP(55557)
    5/30/2002 7:29:39 PM      Connection request      209.120.142.179      UDP(55556)
    5/30/2002 7:29:37 PM      Connection request      209.120.142.179      UDP(55555)

    I snipped a big chunk out of the log to save space, but I wanted you to see what it was doing. The ports all ran sequentially.
    I use Outpost Pro on Win2K and a 56K dialup.
     
  4. PrairieDog

    PrairieDog Registered Member

    Joined:
    Apr 4, 2002
    Posts:
    6
    Would it be fair to say that the Email Virus Scanner is an elaboration of the "!000" or AAA Hoax?

    Links:
    http://www.langa.com/newsletters/2002/2002-05-30.htm
     
  5. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Well, in my earlier press release about the UDP Port Scanner, I found out there was a problem which caused it to crash for some people.  That is now FIXED!

    In addition, I've got two more scanners online now and working, even for someone I know who tested it from Germany:

    TCP Port Scanner & Trojan TCP Port Scanner

    More Details and get scanned!

    [hr]

    As to the Email Address, it isn't a hoax and I'm not using it based on previous theories.  I made it like that so when someone opens their address book, they see the !Alert Me email first, and don't forget they have it.  It doesn't have to be used just by worms when one gets infected, it can be used when someone wants a second opinion on a file.
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Thumbs up, Zhen!  ;)

    regards.

    paul
     
  7. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Thanks my friend.. now I can take a short break from the underside.
     
Loading...
Thread Status:
Not open for further replies.