Security Incidents mailing list archives
Re: ingreslock message
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Tue, 7 Mar 2000 13:05:29 -0600
Ingreslock is the most common port that crackers put thier rootshells on, because the majority of system admins don't know what it is and may overlook it easily. It was probably just some script kiddie (or "security consultant" who knows these days) scanning for forgotten rootshells. -HD Dino Amato wrote:
I logged this: Mar 5 15:58:23 monitor tcplogd: ingreslock connection attempt from unknown () sleipnir1 cs ucl ac uk what does the ingreslock mean and what was this person trying to do? Thanks
Current thread:
- Re: @home: Is *anyone* really home there???, (continued)
- Re: @home: Is *anyone* really home there??? Jon Burdge (Mar 02)
- Re: @home: Is *anyone* really home there??? Greg A. Woods (Mar 02)
- Re: @home: Is *anyone* really home there??? William Annis (Mar 03)
- scans with spoofed address (was @home: Is *anyone*...) Russell Fulton (Mar 07)
- Re: @home: Is *anyone* really home there??? Ville (Mar 03)
- ingreslock message Dino Amato (Mar 05)
- Re: ingreslock message Graeme Fowler (Mar 07)
- Re: ingreslock message Dino Amato (Mar 07)
- Re: @home: Is *anyone* really home there??? Greg A. Woods (Mar 02)
- Re: ingreslock message Robert Graham (Mar 07)
- firewall abusing Przemyslaw Frasunek (Mar 07)
- Re: ingreslock message H D Moore (Mar 07)
- Re: ingreslock message Eric Maiwald (Mar 07)
- Re: auto-reporting to ISPs John Nemeth (Mar 07)
- UDP flood 28001-28003 George (Mar 07)
- Re: ingreslock message Jens Hektor (Mar 09)
- Re: ingreslock message Ex Machina [xm] (Mar 13)
- Re: ingreslock message Jens Hektor (Mar 13)
- Re: @home: Is *anyone* really home there??? Jon Burdge (Mar 02)