Sign in with
Sign up | Sign in
Your question

what malware uses port 2070?

Last response: in Networking
Share
May 6, 2004 3:41:33 PM

Archived from groups: comp.security.firewalls (More info?)

My router logs this morning are virtually continually showing incoming port
2070 scans from a wide range of IP addresses. Is there a worm etc that
typically uses this port?

Thanks,
Billh

More about : malware port 2070

Anonymous
May 7, 2004 8:05:12 PM

Archived from groups: comp.security.firewalls (More info?)

Taking a moment's reflection, billh mused:
|
| My router logs this morning are virtually continually showing incoming
| port 2070 scans from a wide range of IP addresses. Is there a worm etc
| that typically uses this port?

It doesn't appear so. On the list I have that was updated two days ago,
it lists the following for 2070 TCP/UDP: "AH and ESP Encapsulated in UDP
packet" which appear to be related to IPSec.
May 7, 2004 8:05:13 PM

Archived from groups: comp.security.firewalls (More info?)

"mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
news:YsOmc.46293$kh4.2564957@attbi_s52...
> Taking a moment's reflection, billh mused:
> |
> | My router logs this morning are virtually continually showing incoming
> | port 2070 scans from a wide range of IP addresses. Is there a worm etc
> | that typically uses this port?
>
> It doesn't appear so. On the list I have that was updated two days
ago,
> it lists the following for 2070 TCP/UDP: "AH and ESP Encapsulated in UDP
> packet" which appear to be related to IPSec.
>
>
Thanks for the reply. So I can try and understand this stuff a bit better
why would I be logging so many attempts?
Billh
Anonymous
May 8, 2004 12:36:17 AM

Archived from groups: comp.security.firewalls (More info?)

Taking a moment's reflection, billh mused:
|
| Thanks for the reply. So I can try and understand this stuff a bit better
| why would I be logging so many attempts?

To be honest, I am not quite sure. Perhaps someone else will come along
with more information. Though, I would be inclined to believe that perhaps
someone has misconfigured something on their end, and that traffic is
mistakenly being directed to your IP. Or, perhaps, it corresponds with your
attempts to log into/out of a SSH secured site.
!