Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-03-24 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Increase in Port 6101 Activity

Published: 2005-03-24
Last Updated: 2005-03-24 16:40:18 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Port 6101 Activity



It appears that we are again seeing an increase in activity being reported on port 6101.



http://www.dshield.org/port_report.php?port=6101&recax=1&tarax=2&srcax=2&percent=N&days=40



This port is commonly used by Veritas Backup Exec. If you recall back in late December and early January a bulletin was issued by CIAC indicating that there was a potential buffer overflow vulnerability that exists in the Veritas Backup Exec service processes.


http://ciac.llnl.gov/ciac/bulletins/p-066.shtml


Veritas acknowledged that this was an issue and released some hotfixes back in late January.



http://seer.support.veritas.com/docs/273850.htm



If you have not yet applied the appropriate hotfixes - now might be a good time to do it. After all - I would rather you spend your time at home with your family this Easter weekend, not at the shop cleaning up the mess.



Deb Hale


Handler On Duty
Keywords:
0 comment(s)
Diary Archives