14 Apr
2010
14 Apr
'10
8:12 p.m.
On 14 April 2010 19:07, Srdjan Todorovic todorovic.s@googlemail.com wrote:
Some references to that port from different sources are mentioned in some Snort mailing list threads that mention a possible NOP sled attack.
A NOP sled can be on any port, or no port. Like Srdjan said, get a dump or find out what process has that port open (through netstat possibly?). Also what is the IP? Have you resolved it to see what it is? Who does it belong to?
--
Regards,
James.
http://www.jamesbensley.co.cc/