Educause Security Discussion mailing list archives

Re: Rogue FTP Servers

From: "Schmidt, Eric W" <erschmid () IUPUI EDU>
Date: Tue, 2 Nov 2004 16:39:15 -0500

You might look for an transfer log file as well.  It may identify other locations inside and outsude your network 
involved in the ftp file transfers you're sure to have.  I found one in one of our compromised workstations that had 22 
different outside networks included in the BotNet.

Eric W. Schmidt, CISSP, CISM
Chief Security Officer
IU School of Medicine

Eric W. Schmidt
--------------------------
Sent from my BlackBerry Wireless Handheld


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv 
**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Re: Rogue FTP Servers, (continued)
- Re: Rogue FTP Servers Anderson, Brandie (Nov 02)
- Re: Rogue FTP Servers Jordan Wiens (Nov 02)
- Re: Rogue FTP Servers Elliott Franklin (Nov 02)
- Re: Rogue FTP Servers Justin Azoff (Nov 02)
- Re: Rogue FTP Servers Anderson, Brandie (Nov 02)
- Re: Rogue FTP Servers Todd Clementz (Nov 02)
- Re: Rogue FTP Servers Lucas, Bryan (Nov 02)
- Re: Rogue FTP Servers Geoff (Nov 02)
- Re: Rogue FTP Servers Brian Eckman (Nov 02)
- Re: Rogue FTP Servers Wyman Miles (Nov 02)
- Re: Rogue FTP Servers Schmidt, Eric W (Nov 02)
- Re: Rogue FTP Servers James H Moore (Nov 02)
- Re: Rogue FTP Servers RLVaughn (Nov 02)
- Re: Rogue FTP Servers Mark Wilson (Nov 03)
- Re: Rogue FTP Servers Jason Richardson (Nov 04)