Security Basics mailing list archives
RE: X11 Outgoing
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 3 Nov 2003 14:54:11 -0800
Your example alert looks like a connection to pD4B9F42A.dip.t-dialin.net [212.185.244.42] from whatever you local ip is/was. Many of the hacked machines I have seen over the last few years are in the dip.t-dialin.net. That said, I am sure they are a ISP with real clients doing purhaps legitimate work.
In the last four years, every time (a dozen or so) that I've investigated a co-opting of a server by warez/porn pirates, one of the external addresses involved has traced back to t-dialin.net . Complaints to them always elicited a canned "The users will be located and warned" response -- I don't bother any more. David Gillett --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Re: X11 Outgoing Brad Arlt (Nov 03)
- Re: X11 Outgoing Dr Aldo Medina (Nov 03)
- Re: X11 Outgoing Brad Arlt (Nov 03)
- RE: X11 Outgoing David Gillett (Nov 03)
- Re: X11 Outgoing Ansgar -59cobalt- Wiechers (Nov 04)
- Re: X11 Outgoing Brad Arlt (Nov 03)
- Re: X11 Outgoing Dr Aldo Medina (Nov 03)