Security Incidents mailing list archives
Re: Rooted Boxes
From: haji din <ahbh99 () YAHOO COM>
Date: Fri, 16 Feb 2001 12:03:27 -0800
yes, those ip#'s are dial-in boxes. i believe they're wingate's. the owners might not even know that their boxes have been used as proxies. --- "Christian W. Zuckschwerdt" <zany () TRIQ NET> wrote:
Some machine in a subnet behind our IDS has been rooted and abused for IRC-Clones etc. The logs show interactive(!) telnet access to that box from these IP#'s 202.188.25.163 TMnet Telekom Malaysia 202.188.192.38 -"- 202.151.196.75 Maxis Communications Berhad ISP 203.121.68.161 TIME Telecommunications Sdn Bhd Kuala Lumpur 209.57.44.142 Verio, Inc. 210.225.29.163 Nippon Jimuki Union (Japan) 210.163.139.31 Speed Internet Inc. (Japan) Are those dial-in boxes? If not is there any chance to contact the owners? cu. : Christian
__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/
Current thread:
- Re: Rooted Boxes haji din (Feb 16)