[CentOS] probes on udp port 500
Alexander Dalloz
ad+lists at uni-x.org
Tue Aug 2 23:21:52 UTC 2005
Am Mi, den 03.08.2005 schrieb Ted Kaczmarek um 1:14:
> On Wed, 2005-08-03 at 00:32 +0200, Alexander Dalloz wrote:
> > Am Di, den 02.08.2005 schrieb Aleksandar Milivojevic um 23:06:
> >
> > > Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
> > > used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar
> > > probes before. Some new vaulnerability that script kiddies (and pro crackers)
> > > are trying out, or is this some old stuff? I do remember there were some
> > > security problems with racoon in the past (that were fixed in current CentOS
> > > ipsec-tools packages), but don't remember reading anywhere there were any
> > > automated tools to exploit it floating around. Or are there some new flaws
> > > discovered recently in some IKE implementations?
> >
> > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
> >
> > Alexander
> >
> What relevance to Centos 4.1 does this have?
>
> Ted
Do script kids in first instance care for the OS of the target host when
they run scripts? My reply was meant as a possible return to the part "
Some new vaulnerability that script kiddies (and pro crackers) re trying
out, or is this some old stuff?".
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 01:18:45 up 18 days, 5:51, load average: 0.00, 0.12, 0.18
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.centos.org/pipermail/centos/attachments/20050803/d00a028e/attachment.sig>
More information about the CentOS
mailing list