Security Incidents mailing list archives

Re: Win2k hack attempt

From: "Robert G. Ferrell" <root () rgfsparc cr usgs gov>
Date: Tue, 2 Jan 2001 08:02:13 -0600

Looks a lot like RFP's RDS exploit, using the msadc2.pl script or very similar.
Details of that are at http://www.wiretrip.net/rfp/p/doc.asp?id=1&iface=2
Even if it is not, it is obviously a classic 'echo we are leet > index.htm'
style lame defacement, so chances are  they are not particularly skilled.


Yep, this is another lame attempt by T1ku5Rumput, a bush league script-kiddie
if ever there was one.

You'd better get over to the Microsoft site and
patch your IIS pronto, however. Hold onto that log (on read only media)
for future reference...

Cheers,

RGF

Robert G. Ferrell, CISSP
Information Systems Security Officer
National Business Center
U. S. Dept. of the Interior
Robert_G_Ferrell () nbc gov
========================================
 Who goeth without humor goeth unarmed.
========================================

Current thread:

FW: Win2k hack attempt Blake R. Swopes (Dec 31)
- <Possible follow-ups>
- Re: Win2k hack attempt Robert G. Ferrell (Jan 02)