My first step would be to request the firewall ruleset (or grab them
yourself if you have access) and trace back to the source on your
internal network. Then ask the owners of whatever you traced it back
to that very question.
On Jun 18, 2007, at 1:59 PM, killy wrote:
Scanning my external firewall(at work), I (yes, it is my job to)
find this:
PORT STATE SERVICE
53/tcp open domain
1029/tcp open ms-lsa
1032/tcp open iad3
3389/tcp open ms-term-serv
Why would 1029 and 1032 need to be open from the outside?
-Kill
--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
----------------------------------------------------------------------
--
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
----------------------------------------------------------------------
--
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
|