[SC-Help] Re: NOT SPAMCOP - but TCP port 1433 probe question...
kram
spamcop-help@news.spamcop.net
Thu, 23 May 2002 15:29:43 -0400
"Greg Cocks" <submit.5837bPjXt9p64l04> wrote in message
news:Xns9216F261161submit5837bPjXt9p64l
> Hi,
>
> Sorry about the off-'topic' post, but people here are savvy and interested
> in security and their online rights and such...
>
> In the last 3 days I have seen *large* number of probes at my TCP port
1433
> with a stated source service of Microsoft-SQL-Server' - any background?
>
> Cheers:
> GREG...
>
> P.S. Go ahead, roast me up if you must - or just ignore my post... (later
> is a lot less effort...)
Greg:
This topic has been under discussion in the main group since yesterday.
(no I am not doing a "Larry" - I'll leave that to him <g>)
It seems there is a new worm running around and probing 1433
1433 is the default port for the SQL server on almost all networks.
Seems like someone is looking to steal/trash any database they
can get their hands on.
See topics in the main group with "1433" or "exploit" in the subject.
HTH
--
KK
"So long, and thanks for all the fish"