Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Port 4899 (tcp/udp) Attack Activity - SANS Internet Storm Center Port 4899 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
Port Information
Protocol Service Name
tcp radmin Remote Administrator default port
[get complete service list]
Port diary mentions
URL
Law, spam, and 4899tcp
A day in the life of a firewall log
TCP scanning increase for 4899
User Comments
Submitted By Date
Comment
Timo Steffens 2009-10-04 18:34:16
On the following forum there is a post (#13) describing how to determine whether a packet was really intended for radmin (static identification data) : http://www.governmentsecurity.org/forum/index.php?showtopic=7866
2004-10-28 05:52:28
http://www.pestpatrol.com/PestInfo/r/remote_administrator__rat_.asp
Ronaldo Vasconcellos 2004-08-23 22:42:38
More info on 4899 TCP on: [VulnWatch] SECNAP Security Alert: Radmin Default install options vulnerability http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0099.html As stated just above, there´s a known vulnerability related to this service (radmin). The intent of this post is just to provide you with more info about this vuln.
Paulo Sedrez 2004-07-23 04:58:32
There is a known remote exploitable vulnerability in radmin server versions 2.0 and 2.1 that allows code execution.
Add a comment
CVE Links
CVE # Description