Security Incidents: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

180 messages starting Feb 17 03 and ending Feb 04 03
Date index | Thread index | Author index

Alberto Cozer

Re: Web Defacement Alberto Cozer (Feb 17)

Alexander Reelsen

webserver probes for php detection Alexander Reelsen (Feb 13)

Alfred Huger

Summary of the responses (4 line ad) Alfred Huger (Feb 13)
The 4 line ad at the bottom of this post.. Alfred Huger (Feb 12)

Alif The Terrible

Re: FW: Packets from 255.255.255.255(80) (was: Packet from port 80 wi th spoofed microsoft.com ip) Alif The Terrible (Feb 07)

Anders Reed Mohn

RE: ALEVRIUS! Anders Reed Mohn (Feb 11)
RE: ALEVRIUS! Anders Reed Mohn (Feb 07)

Anders Thulin

Re: Weird Profile in Documents and Settings Anders Thulin (Feb 21)
Re: ICMP Destination Unreachable, Administratively Prohibited Anders Thulin (Feb 14)

Andy Bastien

Re: email address probes Andy Bastien (Feb 07)
email address probes Andy Bastien (Feb 05)

Anthony Kim

Re: ICMP Destination Unreachable, Administratively Prohibited Anthony Kim (Feb 14)

Austin Ehlers

RE: Weird Profile in Documents and Settings Austin Ehlers (Feb 21)

Axel Beckert - ecos gmbh

Re: email address probes Axel Beckert - ecos gmbh (Feb 06)

Baklarz, Ron

RE: Increased Kuang2 activity Baklarz, Ron (Feb 10)

bob

Re: ICQ problem. bob (Feb 21)

Bojan Zdrnja

Re: Weird Windows logon attempts Bojan Zdrnja (Feb 24)

Boyan Krosnov

RE: FTP/Port 1038 Boyan Krosnov (Feb 04)

Brad Arlt

Re: email address probes Brad Arlt (Feb 06)
Re: email address probes Brad Arlt (Feb 07)

Brad Griffin

RE: www.nopop.net Brad Griffin (Feb 17)

Brenna Primrose

RE: Suspicious file on Desktop Brenna Primrose (Feb 10)

Carmen Tache

RE: Weird apache logs Carmen Tache (Feb 26)

Chris Brenton

Re: ICMP Destination Unreachable, Administratively Prohibited Chris Brenton (Feb 13)

Christian Vogel

Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Christian Vogel (Feb 05)

Christopher Hummert

RE: Weird Profile in Documents and Settings Christopher Hummert (Feb 22)

Christopher Lyon

S4T4N1C Web Defacement Christopher Lyon (Feb 13)

Chuck Swiger

Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Chuck Swiger (Feb 12)
logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Chuck Swiger (Feb 10)

Dan Hanson

Incident Focus Area Article Announcement Dan Hanson (Feb 25)
Dead thread -- Distributed spam-based DoS in progress Dan Hanson (Feb 19)
Incidents list administrivia and introductions... Dan Hanson (Feb 15)

Dan Harpold

Web server crashed, now is trying to contact an IP by port 80 every morning. Dan Harpold (Feb 24)
RE: Web server crashed, now is trying to contact an IP by port 80 every morning. Dan Harpold (Feb 25)

Dan Perez

RE: S4T4N1C Web Defacement Dan Perez (Feb 13)

Dave Aitel

Re: Scans on TCP port 135 Dave Aitel (Feb 21)

davec

RE: Increased Kuang2 activity davec (Feb 10)

Dave Hart

RE: Distributed spam-based DoS in progress Dave Hart (Feb 19)
RE: Distributed spam-based DoS in progress Dave Hart (Feb 18)

Dave Laird

Re: email address probes Dave Laird (Feb 06)

David Gillett

RE: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) David Gillett (Feb 02)

David Hodges

Re: ftp server compromised David Hodges (Feb 12)

D.C. van Moolenbroek

Re: More /sumthin D.C. van Moolenbroek (Feb 27)

Denis Dimick

RE: ftp server compromised Denis Dimick (Feb 13)

Eric Greenberg

Correction: www.ethereal.com not www.ethereal.org RE: Suspicious file on Desktop Eric Greenberg (Feb 10)
RE: Suspicious file on Desktop Eric Greenberg (Feb 10)

Fitzgerald, John

RE: Packets from 255.255.255.255(80) (was: Packet from port 80 wi th spoofed microsoft.com ip) Fitzgerald, John (Feb 05)
RE: Packets from 255.255.255.255(80) (was: Packet from port 80 wi th spoofed microsoft.com ip) Fitzgerald, John (Feb 05)

Frederic Harster

Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Frederic Harster (Feb 05)

Geert Kiers

ALEVRIUS! Geert Kiers (Feb 06)
Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Geert Kiers (Feb 03)

Gene Yoo

Re: Weird Profile in Documents and Settings Gene Yoo (Feb 21)

Gordon Ewasiuk

Questions: LKM, yoyo & rootkits Gordon Ewasiuk (Feb 21)

Greg A. Woods

Re: email address probes Greg A. Woods (Feb 06)

Greg Wiedeman

Weird Profile in Documents and Settings Greg Wiedeman (Feb 20)

Guy Reisenauer

Re: Packets from 255.255.255.255(80) Guy Reisenauer (Feb 03)

Hamid

DoS Attacks, Detecting the Source, and Service Providers Hamid (Feb 04)

Harry Hoffman

Weird Windows logon attempts Harry Hoffman (Feb 23)

H C

Re: Netbios Name Scans/opaserv worm H C (Feb 06)
Re: DoS Attacks, Detecting the Source, and Service Providers H C (Feb 05)
Re: UDP traffic on Port 52798 H C (Feb 13)
Re: Weird Windows logon attempts H C (Feb 25)

H D Moore

Re: /sumthin Revisited H D Moore (Feb 02)

HggdH

Re: S4T4N1C Web Defacement HggdH (Feb 13)

Holstein, Michael

Remote Access Software (Wireless Devices) Holstein, Michael (Feb 26)

Hoof Hearted

FTP/Port 1038 Hoof Hearted (Feb 05)

http-equiv () excite com

Interesting http-equiv () excite com (Feb 27)

Hugo van der Kooij

Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Hugo van der Kooij (Feb 05)
RE: Distributed spam-based DoS in progress Hugo van der Kooij (Feb 19)
Re: Distributed spam-based DoS in progress Hugo van der Kooij (Feb 18)

Hulio Cortez

Re: Packet from port 80 with spoofed microsoft.com ip Hulio Cortez (Feb 02)

Jacco Tunnissen

Re: Weird Windows logon attempts Jacco Tunnissen (Feb 24)

james

Re: email address probes james (Feb 06)
Re: DoS Attacks, Detecting the Source, and Service Providers james (Feb 04)

James C Slora Jr

RE: ALEVRIUS! James C Slora Jr (Feb 07)
RE: Increased Kuang2 activity James C Slora Jr (Feb 10)
RE: Increased Kuang2 activity James C Slora Jr (Feb 10)

James Kelly

RE: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) James Kelly (Feb 05)

Jasmine

Re: Kuang2 strikes again, is it just me? Jasmine (Feb 16)

Jason Dixon

Increased Kuang2 activity Jason Dixon (Feb 10)
RE: Increased Kuang2 activity Jason Dixon (Feb 10)

Jeff

Re: Kuang2 strikes again, is it just me? Jeff (Feb 16)

Jeff Kell

Kuang2 on the rise... Jeff Kell (Feb 10)
Kuang2 strikes again, is it just me? Jeff Kell (Feb 15)

Jennifer Fountain

RE: Increased Kuang2 activity Jennifer Fountain (Feb 10)

jet

Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... jet (Feb 12)

Joel Tyson

RE: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Joel Tyson (Feb 03)

Joe Stewart

Re: Speedera Ping, was "Packets from 255.255.255.255(80), etc." Joe Stewart (Feb 05)

Johannes Ullrich

Re: Kuang2 strikes again, is it just me? Johannes Ullrich (Feb 16)
Re: Increased Kuang2 activity Johannes Ullrich (Feb 10)

Johann Kruse

RE: email address probes Johann Kruse (Feb 06)

John Sage

Re: port 17300 probe fingerprint analysis John Sage (Feb 18)

Jonathan A. Zdziarski

RE: More /sumthin Jonathan A. Zdziarski (Feb 26)

Jon Rublack

Re: www.nopop.net Jon Rublack (Feb 17)

Jordan K Wiens

Re: Identity theft scam against eBay users Jordan K Wiens (Feb 10)

Jyri Hovila

Re[2]: Weird Profile in Documents and Settings Jyri Hovila (Feb 21)

Kee Hinckley

ZOMBIES_HTTP_GET Kee Hinckley (Feb 02)
Re: email address probes Kee Hinckley (Feb 06)
Re: Distributed spam-based DoS in progress Kee Hinckley (Feb 19)

Kenneth Wilson

UDP traffic on Port 52798 Kenneth Wilson (Feb 13)

Kevin Patz

Scans on TCP port 135 Kevin Patz (Feb 20)
Re: Kuang2 strikes again, is it just me? Kevin Patz (Feb 18)

Klayton Monroe

WebJob 1.2.3 Released Klayton Monroe (Feb 21)
FTimes 3.2.0 Released Klayton Monroe (Feb 21)

Kurt Seifried

Re: Increased Kuang2 activity Kurt Seifried (Feb 10)

kyle

mIRC Trojan Variant - port 445 worm/Trojan kyle (Feb 17)

Levinson, Karl

RE: Web server crashed, now is trying to contact an IP by port 80 every morning. Levinson, Karl (Feb 25)

Logan F.D. Greenlee

RE: Increased Kuang2 activity Logan F.D. Greenlee (Feb 10)
RE: Increased Kuang2 activity Logan F.D. Greenlee (Feb 10)

lsi

Re: Web server crashed, now is trying to contact an IP by port 80 every morning. lsi (Feb 25)

Lucas Zaichkowsky

RE: Weird Profile in Documents and Settings Lucas Zaichkowsky (Feb 21)

Mark E. Donaldson

RE: ftp server compromised Mark E. Donaldson (Feb 12)
RE: Traffic on UDP 1815 Mark E. Donaldson (Feb 12)

Mary McAllister

RE: Weird Windows logon attempts Mary McAllister (Feb 26)

Matthew Breitenstine

Re: Identity theft scam against eBay users Matthew Breitenstine (Feb 10)

Meritt James

Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Meritt James (Feb 05)

Michael LaSalvia

RE: Suspicious file on Desktop Michael LaSalvia (Feb 10)

Michel Angelo da Silva Pereira

Re: S4T4N1C Web Defacement Michel Angelo da Silva Pereira (Feb 13)
Re: S4T4N1C Web Defacement Michel Angelo da Silva Pereira (Feb 13)

Mr . Day

Spies on Your PC HDrv Mr . Day (Feb 14)

Ned Fleming

Re: email address probes Ned Fleming (Feb 06)

Neil Dickey

Speedera Ping, was "Packets from 255.255.255.255(80), etc." Neil Dickey (Feb 05)
ICMP Destination Unreachable, Administratively Prohibited Neil Dickey (Feb 13)

NESTING, DAVID M (SBCSI)

RE: Weird apache logs NESTING, DAVID M (SBCSI) (Feb 26)

NetSec Analyst

RE: ALEVRIUS! NetSec Analyst (Feb 10)

Nicholas Weaver

The Spread of the Sapphire/Slammer Worm Nicholas Weaver (Feb 02)

Nick FitzGerald

Re: Identity theft scam against eBay users Nick FitzGerald (Feb 11)

Pascal Bouchareine

www.nopop.net Pascal Bouchareine (Feb 17)

Patrick Bryant

Re: Identity theft scam against eBay users Patrick Bryant (Feb 10)
Identity theft scam against eBay users Patrick Bryant (Feb 10)
Re: Identity theft scam against eBay users Patrick Bryant (Feb 11)

Patrick Fish

Suspicious file on Desktop Patrick Fish (Feb 10)

Patrick R. Sweeney

Re: Weird Profile in Documents and Settings Patrick R. Sweeney (Feb 21)

Pat Wilson

Re: Packet from port 80 with spoofed microsoft.com ip Pat Wilson (Feb 02)

Paul Dokas

Re: Kuang2 strikes again, is it just me? Paul Dokas (Feb 17)

PAUL_TAYLOR

Re: Suspicious file on Desktop PAUL_TAYLOR (Feb 10)

perrieror

RE: FTP/Port 1038 perrieror (Feb 13)

Philipp Hug

Re: More /sumthin Philipp Hug (Feb 26)

psion

Re: ftp server compromised psion (Feb 13)

Rafael Coninck Teigao

Re: ICQ problem. Rafael Coninck Teigao (Feb 24)

rbelchez

ftp server compromised rbelchez (Feb 12)

Rev. Kronovohr

RE: Increased Kuang2 activity Rev. Kronovohr (Feb 10)

Ricardo Castanho de Oliveira Freitas

Re: Web Defacement Ricardo Castanho de Oliveira Freitas (Feb 14)

Richard Rager

Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Richard Rager (Feb 11)

Rob Shein

RE: ALEVRIUS! Rob Shein (Feb 07)
RE: Weird Profile in Documents and Settings Rob Shein (Feb 20)
RE: email address probes Rob Shein (Feb 07)
RE: Kuang2 strikes again, is it just me? Rob Shein (Feb 16)
RE: DoS Attacks, Detecting the Source, and Service Providers Rob Shein (Feb 05)

rocky_scotti

Netbios Name Scans/opaserv worm rocky_scotti (Feb 06)

Rohan Amin

Re: Distributed spam-based DoS in progress Rohan Amin (Feb 20)

root@darks

Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... root@darks (Feb 12)

Royans Tharakan

port 17300 probe fingerprint analysis Royans Tharakan (Feb 18)

Russell Fulton

Re: ICMP Destination Unreachable, Administratively Prohibited Russell Fulton (Feb 13)
Re: Weird Windows logon attempts Russell Fulton (Feb 26)

Sahr, Kenneth

RE: Traffic on UDP 1815 Sahr, Kenneth (Feb 12)
Traffic on UDP 1815 Sahr, Kenneth (Feb 11)

Salisko, Rick

RE: ALEVRIUS! Salisko, Rick (Feb 07)

Scott Harris

Re: ano () ano com ftpd dip.t-dialin.net Scott Harris (Feb 16)

Security

Possible stateful filtering problem? Security (Feb 21)
Re: S4T4N1C Web Defacement security (Feb 14)

Steve Drees

RE: Distributed spam-based DoS in progress Steve Drees (Feb 19)

Sven Pechler

Possible new backdoor: mspx-smss.exe ? Sven Pechler (Feb 21)
Re: Possible new backdoor: mspx-smss.exe ? Sven Pechler (Feb 27)

Terence Runge

RE: Weird Windows logon attempts Terence Runge (Feb 24)

Thiago Madeira de Lima

ICQ problem. Thiago Madeira de Lima (Feb 21)

Thierry Zoller

RE: Increased Kuang2 activity Thierry Zoller (Feb 10)

Thomas Giudice

Re: Identity theft scam against eBay users Thomas Giudice (Feb 11)

Tibor Biro

Re: ftp server compromised Tibor Biro (Feb 12)

Tim Heagarty

RE: Kuang2 strikes again, is it just me? Tim Heagarty (Feb 17)

Tom Arseneault

RE: Packets from 255.255.255.255(80) (was: Packet from port 80 wi th spoofed microsoft.com ip) Tom Arseneault (Feb 05)

Transistor Sister

Re: Distributed spam-based DoS in progress Transistor Sister (Feb 19)
Distributed spam-based DoS in progress Transistor Sister (Feb 17)

Travis Read

Weird apache logs Travis Read (Feb 26)

Trevor Metzger

RE: Kuang2 strikes again, is it just me? Trevor Metzger (Feb 16)

Valdis . Kletnieks

Re: ICMP Destination Unreachable, Administratively Prohibited Valdis . Kletnieks (Feb 14)
Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Valdis . Kletnieks (Feb 05)
Re: Distributed spam-based DoS in progress Valdis . Kletnieks (Feb 18)

william . miller

Re: port 17300 probe fingerprint analysis william . miller (Feb 19)

zmajd fully

Re: Packet from port 80 with spoofed microsoft.com ip zmajd fully (Feb 04)

Previous period

Next period