Security Incidents mailing list archives
Re: big increase in ftp scanning
From: Gregory A Lundberg <lundberg () VR NET>
Date: Mon, 30 Oct 2000 13:15:05 -0500
i've seen a ton of ftp scans in the last week.
I've seen a few over the past several months. Mostly one or two sites a day, two or three days a week. Frankly, it wasn't enough of an increase following the hack earlier this year to get me interested.
they have come from: 62.226.217.222 (p3EE2D9DE.dip.t-dialin.net) 64.209.232.25 (isengard.iad4.gctr.net) 62.20.37.140 (basecamp.gotland.se) 24.28.122.195 (cs28122-195.houston.rr.com) 24.162.74.203 (cs16274-203.austin.rr.com)
I'm seeing a lot more geographic dispersion, but the clusters are Pacific rim (mainly China and Japan), and the Pacific coast of US.
As for these type of scans, looks like they are world wide and are mainly targeted at Linux.
My honeypot says most of them are just scanning. The few that try a crack are using the broken, published crack instead of taking the time to fix it. Interestingly, the crack attempts are pretty fairly distributed over the historical cracks; while the latest is the most common, it's not much more common that older attacks. So I'm guessing most of this activity is clueless script kids.
Current thread:
- Re: big increase in ftp scanning David Knaack (Nov 01)
- <Possible follow-ups>
- Re: big increase in ftp scanning Jose Nazario (Nov 01)
- Re: big increase in ftp scanning Eilon Gishri (Nov 01)
- Re: big increase in ftp scanning Gregory A Lundberg (Nov 01)
- Re: big increase in ftp scanning Russell Fulton (Nov 02)
- Re: big increase in ftp scanning Gregory A Lundberg (Nov 01)
- Re: big increase in ftp scanning Sean Michael Whipkey (Nov 01)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
- Re: big increase in ftp scanning Michael Bush (Nov 02)
- Re: big increase in ftp scanning Christopher Malek (Nov 05)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
- Re: big increase in ftp scanning Thomas Molina (Nov 05)
- Re: big increase in ftp scanning Daniel Roesen (Nov 08)
- Re: big increase in ftp scanning Tuc (Nov 08)
- Re: big increase in ftp scanning Keith Owens (Nov 09)