probes on udp port 500

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Am Di, den 02.08.2005 schrieb Aleksandar Milivojevic um 23:06:

> Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
> used by IPSec for key exchange) from dialup IPs.  Don't remember seeing similar
> probes before.  Some new vaulnerability that script kiddies (and pro crackers)
> are trying out, or is this some old stuff?  I do remember there were some
> security problems with racoon in the past (that were fixed in current CentOS
> ipsec-tools packages), but don't remember reading anywhere there were any
> automated tools to exploit it floating around.  Or are there some new flaws
> discovered recently in some IKE implementations?

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
Serendipity 00:32:04 up 18 days, 5:04, load average: 0.26, 0.26, 0.20 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.centos.org/pipermail/centos/attachments/20050803/61c68c90/attachment.bin

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux