[CentOS] probes on udp port 500
Ted Kaczmarek
tedkaz at optonline.net
Tue Aug 2 23:14:54 UTC 2005
On Wed, 2005-08-03 at 00:32 +0200, Alexander Dalloz wrote:
> Am Di, den 02.08.2005 schrieb Aleksandar Milivojevic um 23:06:
>
> > Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
> > used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar
> > probes before. Some new vaulnerability that script kiddies (and pro crackers)
> > are trying out, or is this some old stuff? I do remember there were some
> > security problems with racoon in the past (that were fixed in current CentOS
> > ipsec-tools packages), but don't remember reading anywhere there were any
> > automated tools to exploit it floating around. Or are there some new flaws
> > discovered recently in some IKE implementations?
>
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
>
> Alexander
>
What relevance to Centos 4.1 does this have?
Ted
More information about the CentOS
mailing list