Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 2100 (tcp/udp) Attack Activity - Internet Security | DShield Port 2100 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp amiganetfs amiganetfs
udp amiganetfs amiganetfs
Top IPs Scanning
TodayYesterday
198.108.67.48 (48)198.108.67.48 (93)
89.248.172.16 (21)89.248.172.16 (18)
51.75.52.127 (12)51.75.52.127 (17)
198.20.99.130 (4)66.240.219.146 (13)
198.108.67.58 (2)198.20.99.130 (10)
45.136.109.85 (2)45.136.109.85 (5)
198.108.67.79 (2)185.175.93.103 (3)
198.108.67.52 (2)45.136.109.33 (3)
198.108.67.85 (1)198.108.67.97 (2)
198.108.67.95 (1)198.108.67.58 (2)
User Comments
Submitted By Date
Comment
2006-05-01 16:28:17
For 2100/tcp, Oracle XDB FTP Vulnerability, see http://www.securityfocus.com/bid/8375
David Taylor 2005-05-10 17:47:22
Currently port 2100 is only showing amiganetfs. I wonder if it is worth it to also add Oracle as well? http://oit.ohio.gov/alerts/OracleXDBFTPServicesBufferOverflowVulnerabilityisbeingexploitedinthewild.aspx Oracle XDB FTP Services Exploit code for the Oracle XDB FTP Services Buffer Overflow Vulnerability was added to the Metasploit Framework on March 18, 2005. The Metasploit Framework is an open-source platform for developing, testing, and using exploit code. The target port used in the exploit code for the vulnerability is 2100/TCP. Beginning on March 19, DShield.org reported a significant increase in activity for port 2100/TCP see reference below. This is a likely indicator that the Oracle XDB FTP Services Buffer Overflow Vulnerability is being actively attempting to exploit vulnerable servers.
Add a comment
CVE Links
CVE # Description