Full Disclosure mailing list archives
Re: Ford Motors IT Contact
From: Simon Smith <simon () snosoft com>
Date: Tue, 27 May 2008 16:27:15 -0400
Indeed, that is the IP address. That IP address appears to be bound to some sort of a VPN system for ford. Perhaps its infected VPN users? Michael Holstein wrote:
In response to them still being infected with sql slammer and it probing my networks regularly.Let me guess .. it's 136.1.7.55 ? Here's what I get (from ford) every time that IP pops up in our automated abuse report .. --snip-- Our investigation into this matter has determined that the recent onset of attacks from this IP is the result of the IP being forged by an external party. External parties will commonly use IP addresses that belong to large organizations to mask network traffic. --snip-- Cheers, Michael Holstein Cleveland State University
-- - simon ---------------------- http://www.snosoft.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Ford Motors IT Contact Simon Smith (May 27)
- Re: Ford Motors IT Contact Stack Smasher (May 27)
- Re: Ford Motors IT Contact Valdis . Kletnieks (May 27)
- Re: Ford Motors IT Contact Gary Wilson (May 27)
- Re: Ford Motors IT Contact Nate McFeters (May 27)
- Re: Ford Motors IT Contact Simon Smith (May 27)
- Re: Ford Motors IT Contact Anders B Jansson (May 27)
- Re: Ford Motors IT Contact Bruce Ediger (May 27)
- Re: Ford Motors IT Contact Michael Holstein (May 27)
- Re: Ford Motors IT Contact Ray P (May 27)
- Re: Ford Motors IT Contact Simon Smith (May 27)
- Re: Ford Motors IT Contact Nate McFeters (May 27)
- Re: Ford Motors IT Contact Stack Smasher (May 27)