Security Incidents mailing list archives
Re: Linuxconf scanning
From: Jim Roland <jroland () ROLAND NET>
Date: Mon, 14 Aug 2000 00:29:45 -0500
Forget getting any further response from them. I sent a message to them when a RedHat 6.1 box I had was scanned and compromised with linuxconf (I closed the hole quickly) a customer of mine. I got the automated response they received my email, but nothing further from them ever again. That was over 3 months ago. Looks like the same guy is up to his old tricks again. Good Luck, Jim On Thu, 10 Aug 2000, Brian Sommers wrote:
Date: Thu, 10 Aug 2000 15:11:43 -0500 From: Brian Sommers <brian.sommers () CNALIFE COM> To: INCIDENTS () SECURITYFOCUS COM Subject: Re: Linuxconf scanning Just recently I did get a manual response from bora.net; I had sent a notice to both help () bora net and ipadm () bora net and received a reply that they were investigating. The message signature also had the following: ------------------------------ Security Staff, BORANet/DACOM E-mail : security () bora net phone : +82 2 6220 7413 fax : +82 2 6220 0340 -----------------------------------Original Message----- From: Dan Hollis [SMTP:goemon () ANIME NET] Sent: Wednesday, August 09, 2000 5:33 PM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: [INCIDENTS] Linuxconf scanning On Tue, 8 Aug 2000, James Hoagland wrote:APNIC was having connection problems yesterday but I managed to get through to find out it was a Korean address and got b0048228 () users bora net as the contact adress from KRNIC. The IP seems to be part of BORANET in Kyongnam, Korea. I also e-mailed abuse () bora net. I haven't gotten any replies but haven't gotten any bounces either.bora.net never answers. i don't know if it is a language barrier or if bora.net is black hat, but it's enough for me to blackhole all of their IP space. -Dan
Current thread:
- Linuxconf scanning Ian Eure (Aug 08)
- Re: Linuxconf scanning jeff keith (Aug 09)
- Re: Linuxconf scanning James Hoagland (Aug 09)
- Re: Linuxconf scanning Dan Hollis (Aug 10)
- <Possible follow-ups>
- Re: Linuxconf scanning Frank Dauer (Aug 09)
- Re: Linuxconf scanning Brian Sommers (Aug 13)
- Re: Linuxconf scanning Jim Roland (Aug 14)
- Re: Linuxconf scanning Granquist, Lamont (Aug 22)
- Re: Linuxconf scanning Jim Roland (Aug 14)
- Re: Linuxconf scanning Granquist, Lamont (Aug 24)
- Re: Linuxconf scanning Jon Lewis (Aug 24)
- Re: Linuxconf scanning St. Arnaud, Jon (Aug 25)