Security Incidents mailing list archives

RE: ftp

From: "Kent Hundley" <kent.hundley () prodigy net>
Date: Wed, 24 Apr 2002 13:59:01 -0700

There's also a pretty recent ftp vulnerability in Squid 2.4 STABLE3, which
was announced late Feb/early March, which is about the time I also started
seeing large numbers of scans for FTP.

Regards,
Kent

-----Original Message-----
From: Anton A. Chuvakin [mailto:anton () chuvakin org]
Sent: Wednesday, April 24, 2002 9:40 AM
To: gregory.kane () us army mil
Cc: incidents () securityfocus com
Subject: Re: ftp
Importance: High


Hello Greg and all,

Has anyone seen a recent increase in FTP attempts? I am getting hit all

We have a huge increase of FTP scans on our honeynet (hundreds per day).
They are likely produced by Linux Wu-FTPD autorooter (hits wu-ftpd up to
2.6.1, e.g. Linux RedHat up to 7.2). The software ('autowu v1.0') default
mode is to hit a B-class...

Best regards,
--
     Anton A. Chuvakin, Ph.D.
     http://www.chuvakin.org
   http://www.info-secure.org


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

ftp gregory . kane (Apr 24)
- Re: ftp Anton A. Chuvakin (Apr 24)
  - RE: ftp Kent Hundley (Apr 24)
    - Re: ftp Matt Zimmerman (Apr 24)