PRTG

From Noisebridge Wiki
Revision as of 04:55, 10 February 2026 by Maintenance script (talk | contribs) (Imported from Noisebridge wiki backup)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Some sort of wiki attacking malware/bot is running on machines presenting to teh interwebs as a PRTG NETWORK MONITOR. There are a number of these devices presumably using a windows exploit for access. They seem to be clustered in certain ranges of IP's such as the following.

They seem to be on a persistent mission to sell viagra and such boner pills, and they probably aren't doctors even! 

Starting Nmap 6.00 ( http://nmap.org ) at 2016-12-18 06:58 EET
NSE: Loaded 17 scripts for scanning.
Initiating SYN Stealth Scan at 06:58
Scanning systemip.example.com (91.200.12.74) [100 ports]
Discovered open port 445/tcp on 91.200.12.74
Discovered open port 80/tcp on 91.200.12.74
Discovered open port 49154/tcp on 91.200.12.74
Discovered open port 135/tcp on 91.200.12.74
Discovered open port 3389/tcp on 91.200.12.74
Completed SYN Stealth Scan at 06:58, 2.09s elapsed (100 total ports)
Initiating Service scan at 06:58



Retrieved from "http://beyla.local/index.php?title=PRTG&oldid=4270"