Comment by zerr
7 months ago
Didn't get why that WinNT box was connecting to your box. Due to some misconfigured Windows update procedure?
7 months ago
Didn't get why that WinNT box was connecting to your box. Due to some misconfigured Windows update procedure?
I never found this out, but there was some feature where NT would try to negotiate an encrypted connection to communicate and that’s the port it was connecting on. It’s a long time ago. It’s possible the box had been pwned, and that was command/control for a botnet or something. Lots of internet-facing windows boxes were at the time because MS security was absolutely horrendous at this time.