TCP Port 42
Windows Internet Naming Service (WINS).
Currently inbound scans are likely to be new worms exploiting a recently
overflow vulnerability within WINS.
Outbound scans if occurring in volume should be considered an indication of a
possible worm infection on the source computer and should be investigated.
PortPeeker Capture of WINS Exploit Attempt
PortPeeker Capture of a different WINS
Micorosoft - How to help protect against a WINS security issue
Technical Analysis by Steve Frield
Page last updated on
April 02, 2005