Sql Slammer attack [Archive] - Cyber Tech Help Support Forums

Amish

April 18th, 2008, 12:05 PM

Please find logs below and suggest , u son many instances of 1433 port on same server IP?

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:381 0.0.0.0:0 LISTENING
TCP 0.0.0.0:382 0.0.0.0:0 LISTENING
TCP 0.0.0.0:383 0.0.0.0:0 LISTENING
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1073 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1079 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1086 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1181 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1185 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2301 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2381 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:6129 0.0.0.0:0 LISTENING
TCP 0.0.0.0:9304 0.0.0.0:0 LISTENING
TCP 0.0.0.0:12345 0.0.0.0:0 LISTENING
TCP 0.0.0.0:13001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:13724 0.0.0.0:0 LISTENING
TCP 0.0.0.0:13782 0.0.0.0:0 LISTENING
TCP 0.0.0.0:13783 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49400 0.0.0.0:0 LISTENING
TCP 192.168.2.75:80 192.168.255.80:2439 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:2441 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:3109 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:3149 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:9574 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:23726 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:28501 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:32138 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:36766 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:38904 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:43037 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:47982 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:48767 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:49346 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:50291 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:50345 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:50957 ESTABLISHED
TCP 192.168.2.75:80 192.168.255.80:51055 ESTABLISHED
TCP 192.168.2.75:80 10.193.0.80:3823 ESTABLISHED
TCP 192.168.2.75:80 10.193.3.195:2082 ESTABLISHED
TCP 192.168.2.75:80 10.195.0.67:4102 ESTABLISHED
TCP 192.168.2.75:80 10.195.0.67:4103 ESTABLISHED
TCP 192.168.2.75:80 10.195.2.66:2286 ESTABLISHED
TCP 192.168.2.75:80 10.196.1.80:3007 ESTABLISHED
TCP 192.168.2.75:80 10.196.1.82:1722 ESTABLISHED
TCP 192.168.2.75:80 10.196.6.78:2080 ESTABLISHED
TCP 192.168.2.75:80 10.197.3.253:3187 ESTABLISHED
TCP 192.168.2.75:80 10.197.6.75:2286 ESTABLISHED
TCP 192.168.2.75:80 10.207.2.220:1295 ESTABLISHED
TCP 192.168.2.75:80 10.207.2.220:1296 ESTABLISHED
TCP 192.168.2.75:80 10.207.4.204:3046 ESTABLISHED
TCP 192.168.2.75:80 121.247.52.27:63658 ESTABLISHED
TCP 192.168.2.75:139 0.0.0.0:0 LISTENING
TCP 192.168.2.75:1433 192.168.255.101:1052 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:1054 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:1076 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:1077 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:1078 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:3204 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:3205 ESTABLISHED
TCP 192.168.2.75:1433 192.168.255.101:3206 ESTABLISHED
TCP 192.168.2.75:1840 97.253.18.67:12011 CLOSE_WAIT
TCP 192.168.2.75:3389 10.8.75.62:3001 ESTABLISHED
TCP 192.168.2.75:3540 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3614 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3615 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3616 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3617 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3686 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3687 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3688 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3689 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3690 192.168.255.165:135 TIME_WAIT
TCP 192.168.2.75:3691 192.168.255.165:1025 TIME_WAIT
TCP 192.168.2.75:3692 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3697 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3698 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3699 192.168.255.5:445 TIME_WAIT
TCP 192.168.2.75:3705 192.168.255.5:135 TIME_WAIT
TCP 192.168.2.75:3706 192.168.255.5:1025 TIME_WAIT
TCP 192.168.2.75:3711 192.168.255.5:389 TIME_WAIT
TCP 192.168.2.75:3712 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3713 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3714 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3715 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3716 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3717 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3718 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3719 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3720 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3722 192.168.255.169:139 TIME_WAIT
TCP 192.168.2.75:3724 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3725 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3726 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3732 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3733 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3734 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3735 192.168.255.155:80 TIME_WAIT
TCP 192.168.2.75:3736 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3737 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3738 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3739 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3740 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3741 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3742 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3743 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3744 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3745 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3885 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3886 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3887 192.168.2.75:1433 TIME_WAIT
TCP 192.168.2.75:3888 192.168.2.75:1433 TIME_WAIT
TCP 127.0.0.1:383 127.0.0.1:3629 TIME_WAIT
TCP 127.0.0.1:1181 127.0.0.1:1192 ESTABLISHED
TCP 127.0.0.1:1185 127.0.0.1:1194 ESTABLISHED
TCP 127.0.0.1:1192 127.0.0.1:1181 ESTABLISHED
TCP 127.0.0.1:1194 127.0.0.1:1185 ESTABLISHED
TCP 127.0.0.1:2187 127.0.0.1:40000 ESTABLISHED
TCP 127.0.0.1:40000 0.0.0.0:0 LISTENING
TCP 127.0.0.1:40000 127.0.0.1:2187 ESTABLISHED
TCP 172.17.10.24:3721 172.17.11.180:139 TIME_WAIT
UDP 0.0.0.0:135 *:*
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:1027 *:*
UDP 0.0.0.0:1047 *:*
UDP 0.0.0.0:1089 *:*
UDP 0.0.0.0:1097 *:*
UDP 0.0.0.0:1180 *:*
UDP 0.0.0.0:1184 *:*
UDP 0.0.0.0:1434 *:*
UDP 0.0.0.0:3456 *:*
UDP 0.0.0.0:3708 *:*
UDP 0.0.0.0:13001 *:*
UDP 192.168.2.75:137 *:*
UDP 192.168.2.75:138 *:*
UDP 192.168.2.75:500 *:*

lufbra

April 18th, 2008, 01:20 PM

Wrong forum...

Open Discussion
A place to chat with other members about non-technical related topics

rockboy

April 18th, 2008, 07:28 PM

See the new post here...
http://www.cybertechhelp.com/forums/showthread.php?t=179938