Security Incidents mailing list archives
RE: AOL hackings
From: "Jonathan A. Zdziarski" <jonathan () cafejesus com>
Date: Thu, 2 Aug 2001 17:14:15 -0400
what annoys me isn't the number of hacks from AOL, it's the fact that their abuse department is always slow to respond and sometimes, doesn't do anything. Looks like some other folks on this list have the same problem. Hacks in themselves are nothing more than an annoyance, but it's insulting when the ISP doesn't do anything about it. At least this way they could be lazy since packets wouldn't come through. As for AOL users being technically inefficient, I'm sure there are some geniuses using AOL, but the fact that my servers are still running says they can't be the brightest black hats out there. -----Original Message----- From: Lampe, John W. [mailto:JWLAMPE () GAPAC com] Sent: Thursday, August 02, 2001 4:40 PM To: 'Jonathan A. Zdziarski '; 'incidents () securityfocus com ' Subject: RE: AOL hackings Despite the fact that AOL is one of the larger ISP's (largest?), I only get a handful of scans from their blocks...Their track record is better than most...Are you presuming that AOL users are not technically efficient, and hence shouldn't be scanning anyone's machine? If I'm going to gripe about ISP's, there are some other big ones out there which regularly contribute to my IDS logs week after week on a much larger scale than AOL ever has.... John Lampe -----Original Message----- From: Jonathan A. Zdziarski To: Seung Kevin; incidents () securityfocus com Sent: 8/2/01 2:49 PM Subject: RE: AOL hackings OK so if this is happening to everyone why can't AOL put some poilcies in place to prevent port scans and other nuissances? AOL, being mostly a content provider rather than an ISP, should be able to block outgoing packets targeted to most ports, no? What does the average AOL user need: 80, 21, 22, 23 (eek), 6667-7777, 110, 443, and maybe a handful of others...looking at my logs it's obvious they're not blocking many or any ports at all. I miss the days when AOL wasn't wired directly to the internet. -----Original Message----- From: Seung Kevin [mailto:kseung () buckconsultants com] Sent: Thursday, August 02, 2001 2:45 PM To: 'Jonathan A. Zdziarski'; incidents () securityfocus com Subject: RE: AOL hackings Yes, this has happen to us a few times. -----Original Message----- From: Jonathan A. Zdziarski [SMTP:jonathan () cafejesus com] Sent: Thursday, August 02, 2001 10:16 AM To: incidents () securityfocus com Subject: AOL hackings I've noticed some user[s] from AOL have been running port scans on our systems, and even tried to make SSH connections to our boxes (which are libwrapped). Just wondering if anyone else is experiencing this from AOL's network. ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ***************************************************************** DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- AOL hackings Jonathan A. Zdziarski (Aug 02)
- Re: AOL hackings Meritt James (Aug 02)
- <Possible follow-ups>
- RE: AOL hackings Jonathan A. Zdziarski (Aug 02)
- RE: AOL hackings Jonathan A. Zdziarski (Aug 03)