Security Incidents mailing list archives
Re: Cracked by the Brazilians
From: symetrix () SYMETRIX ORG (Michael Damm)
Date: Thu, 30 Mar 2000 15:06:24 -0800
Hi.
Hi.
[root@physics .usr]# ls BitchX [LASF]_Hanging_Up_[Telesync][1of2].asf [LASF]_Mission_To_Mars_[GOOD.Telesync][1of2].asf scr-bx sexet2.mpg BitchX-75p3-Linux-glibc2-i386.tar [LASF]_Hanging_Up_[Telesync][2of2].asf [LASF]_Mission_To_Mars_[GOOD.Telesync][2of2].asf sexet1.mpg wserv
This is a red flag for me. Obviously its a warez/vcd kiddie distributing his goods from your server. Try some EFnet/Dalnet/Undernet channels like #good or #telesync or maybe even #vcd/#asf. Start talking with a few of the ops and see if you can get anyone to incriminate themselves. From there its whatever your local BOFH chooses to do with/to them. -Mike _____________________________________________ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html
Current thread:
- Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity, (continued)
- Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity Jeffrey D. Carter (Mar 25)
- Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service) probeactivity Bryan Andersen (Mar 28)
- Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service) probeactivity Christoph Schneeberger (Mar 29)
- Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service)probeactivity Bill Pennington (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Pavel Kankovsky (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Joshua Krage (Mar 29)
- Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Greg A. Woods (Mar 29)
- Re: 169.254.x.x Robert Graham (Mar 29)
- Re: 169.254.x.x Pavel Kankovsky (Mar 30)
- Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Michael Damm (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Robert Graham (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- Re: Cracked by the Brazilians Michael H. Warfield (Mar 30)
- Re: Cracked by the Brazilians Omachonu Ogali (Mar 30)
- Re: Cracked by the Brazilians Blaise St-Laurent (Mar 30)
- Re: Cracked by the Brazilians Ralf Spenneberg (Mar 30)
- Re: Cracked by the Brazilians Seth Milder (Mar 30)
- link-local IPs (Was "Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity)") Richard Johnson (Mar 30)
- unapproved queries for "aol.com" Francis A. Vidal (Mar 26)