Security Incidents mailing list archives
Re: big increase in ftp scanning
From: Michael Bush <mike () IEACCESS COM>
Date: Tue, 31 Oct 2000 19:02:53 -0600
202.107.222.172 <- Anonymous FTP: c-class scan (Oct 30 20:05:57 CST) pc241-gui4.cable.ntl.com <- " (Oct 19 19:54:30 CST) p364.as1.cra.dublin.eircom.net <- " (Oct 14 17:27:12 CST) Well well, 3 people scanned by the same host. Maybe we should keep a database of 'active scanners' and leave this list to new scan 'types', possible new exploits and compromises. Just an idea. I'd don't believe an increase in FTP scans in a sign of anything. Show me something other failed anonymous FTP logins and I'll be interested. although I do find it somewhat useful, I'd rather not see this in my mail box. Mike Bush ----- Original Message ----- From: "Greg Owen" <gowen () SOFTLOCK COM> To: <INCIDENTS () SECURITYFOCUS COM> Sent: Monday, October 30, 2000 12:36 PM Subject: Re: big increase in ftp scanning
i've seen a ton of ftp scans in the last week.I had three this weekend, one source in common with yours. (212.83.90.123) cgmd90123.chello.nl (24.28.122.195) cs28122-195.houston.rr.com (202.107.222.172) (no PTR record) All appear to simply be traversing the tree and looking for writable directories, rather than probing for compromise. This server has been running for just over a month and has had no probes before this weekend. Must be that time of the moon. -- gowen -- Greg Owen -- gowen () SoftLock com
Current thread:
- Re: big increase in ftp scanning David Knaack (Nov 01)
- <Possible follow-ups>
- Re: big increase in ftp scanning Jose Nazario (Nov 01)
- Re: big increase in ftp scanning Eilon Gishri (Nov 01)
- Re: big increase in ftp scanning Gregory A Lundberg (Nov 01)
- Re: big increase in ftp scanning Russell Fulton (Nov 02)
- Re: big increase in ftp scanning Gregory A Lundberg (Nov 01)
- Re: big increase in ftp scanning Sean Michael Whipkey (Nov 01)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
- Re: big increase in ftp scanning Michael Bush (Nov 02)
- Re: big increase in ftp scanning Christopher Malek (Nov 05)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
- Re: big increase in ftp scanning Thomas Molina (Nov 05)
- Re: big increase in ftp scanning Daniel Roesen (Nov 08)
- Re: big increase in ftp scanning Tuc (Nov 08)
- Re: big increase in ftp scanning Keith Owens (Nov 09)
- Re: big increase in ftp scanning Jan Muenther (Nov 11)
- Re: big increase in ftp scanning Russell Fulton (Nov 13)
- Re: big increase in ftp scanning Andreas Ferber (Nov 14)
- Re: big increase in ftp scanning Jan Muenther (Nov 14)