Security Incidents mailing list archives
Re: Win2k hack attempt
From: "Blake R. Swopes" <bhodi () BIGFOOT COM>
Date: Sat, 30 Dec 2000 20:12:40 -0800
Looks like they were trying to use some IIS exploit to create a copy of your command interpreter and then pass commands to the copy, defacing your web site. Kashmir has been a theme in a lot of mass defacements lately, and looks like israel/palestine is on the rise. Was your web site defaced or the cmd1.exe file created? -----Original Message----- From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On Behalf Of Guy Geva Sent: Saturday, December 30, 2000 2:53 AM To: INCIDENTS () SECURITYFOCUS COM Subject: Win2k hack attempt Hi list, Please give your opinion its a bit wierd... Hacking attempt on my win2k server, please try to tell me what is wrong with my system what is the hacking method taken ? and any other useful information will be great. I patched myself with all the patches available. the log is attached.
Current thread:
- Win2k hack attempt Guy Geva (Dec 30)
- Re: Win2k hack attempt Blake R. Swopes (Dec 30)
- Re: Win2k hack attempt Nexus (Dec 31)