PPRuNe Forums

Go Back  PPRuNe Forums > Misc. Forums > Computer/Internet Issues & Troubleshooting
Reload this Page >

New nasty?

Register
FAQ
Calendar
Wikiposts
Today's Posts
Search
Vendor Directory
Computer/Internet Issues & Troubleshooting Anyone with questions about the terribly complex world of computers or the internet should try here. NOT FOR REPORTING ISSUES WITH PPRuNe FORUMS! Please use the subforum "PPRuNe Problems or Queries."

New nasty?

Thread Tools
 
Search this Thread
 
Old 3rd Jul 2004, 08:16
  #1 (permalink)  
Evo
Thread Starter
 
Join Date: Sep 2002
Location: Chichester, UK
Posts: 1,650
Likes: 0
Received 0 Likes on 0 Posts
New nasty?
Over the last couple of days, port 9898 on my firewall has started to take a hammering (nearly 500 hits last night). A bit of searching shows I'm not alone, with comments like

Over the past couple of days there has been a large rise in port 9898 activity reported http://www.dshield.org/port_report.php?port=9898 . The Dabber worm (which rides in on the coattails of Sasser) opens a listener on port 9898, which is then probed by the attacking system to confirm its success. We're unaware of any "counter-counter" worm that is looking for Dabber backdoors, but I have seen a significant rise in scanning for it, as well.
Any more info? I've seen this sort of thing before (e.g. a large number of 5554 scans with the Sasser worm), so I presume something is about to hit?

Probably a good time to make sure everything is up to date folks
Evo is offline  
Old 3rd Jul 2004, 10:33
  #2 (permalink)  
 
Join Date: Jan 2004
Location: Bracknell UK
Posts: 357
Likes: 0
Received 0 Likes on 0 Posts
Hi Evo,

http://securityresponse.symantec.com....dabber.a.html

Discovered May 14th

and

http://securityresponse.symantec.com....dabber.b.html

Discovered June 4th

It's been out a while now, and the big AVs will certainly have it under control, so updating your NAV, AVG etc is all that is required. I'd definitely suggest for those that are either using out of date AVs, little known ones off of a magazine cover disc etc. or don't have one at all (GET ONE)to do an online virus check, just to be sure.

Cheers

Liam
Last edited by E-Liam; 3rd Jul 2004 at 12:36.
E-Liam is offline  
Back to Subforum
Computer/Internet Issues & Troubleshooting
View Next Unread
Blocking Unwanted Parasites with a Hosts File

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



Advanced Search

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.