nanog mailing list archives
Re: Port 139 scans
From: Dan Hollis <goemon () sasami anime net>
Date: Wed, 27 Sep 2000 11:58:26 -0700 (PDT)
On Wed, 27 Sep 2000, Jason Slagle wrote:
On a somewhat related note, since we obviously have AOL people living and they now own ICQ. irc.icq.com has been used for weeks for these kiddies to store various ddos clients on. Take a look at #0wned. All compromised machines. There are no live opers to deal with it, and emails to ircsupport () icq com go unanswered. Is there any way we can deal with things like this?
Route irc.icq.com to null0. If enough networks do this (or better, if tier1's do), maybe icq will get their head out of their ass and do something about it. -Dan
Current thread:
- Re: Disabling QAZ (was Re: Port 139 scans), (continued)
- Re: Disabling QAZ (was Re: Port 139 scans) John Fraizer (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Dana Hudes (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Mike Lewinski (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Jason Slagle (Sep 30)
- Re: Disabling QAZ (was Re: Port 139 scans) Travis Pugh (Sep 30)
- Re: Disabling QAZ (was Re: Port 139 scans) Jason Slagle (Sep 30)
- Re: Disabling QAZ (was Re: Port 139 scans) John Fraizer (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Mike Lewinski (Sep 29)
- Message not available
- Re: Port 139 scans Ben Browning (Sep 27)
- Re: Port 139 scans Jason Slagle (Sep 27)
- Re: Port 139 scans Dan Hollis (Sep 27)
- Re: Port 139 scans Kai Schlichting (Sep 27)
- Re: Port 139 scans Jared Mauch (Sep 27)