Security Incidents mailing list archives
Re: Dumb ISP of the week
From: UnixGeek <ed () XWING CENTIGRAM COM>
Date: Mon, 21 Aug 2000 14:24:44 -0700
Oh don't even get me started on Pac Bell. I've been getting massive telnet and imap scans from one of their IP's (63.203.107.5), which appears to be a Linux box(and probably a rooted one). Think Pac Bell/SBC has even looked at my email yet? [keeping in mind the fact that I get my 'enhanced' DSL from PB/SBC as well] uGh.... Edward Mitchell Centigram Unix Geek, BOfH, Network Admin, Darth Sysadmin ed () xwing centigram com http://www.the7thbeer.com/ed Sheepish Lord of Chaos -------------------------------------------------------------- "Fear leads to anger. Anger leads to hate. Hate leads to using Windows NT for mission-critical applications." -- What Yoda *meant* to say On Mon, 21 Aug 2000, John Pettitt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This weeks prize goes to Shawna at PacBell (aka SBC) - see belowDate: Mon, 21 Aug 2000 04:21:38 -0700 (PDT) From: support_replies () pacbell net Subject: Re : Security issue To: jpp () cloudview com Hello User jpp () cloudview com, I have received your email regarding your security issue. E-mail the postmaster from where the e-mail came. For instance, if the mail came from userID () someisp net, forward it and a complaint to postmaster () someisp net. This should resolve your issue. Thank you for choosing SBC Internet Services. Regards, Shawna Technical Analyst SBC Internet Services Try our online help at http://support.pacbell.net Remember its quick, hassle free, and is always available! ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~ You Wrote : We detected the following security related activity from your network.To: root () cloudview com Subject: gatekeeper 08/19/00:04.59 system check Date: Sat, 19 Aug 2000 04:59:02 -0700 (PDT) From: root () cloudview com (Superuser) Security Violations =-=-=-=-=-=-=-=-=-= Aug 19 04:13:08 gatekeeper snort[5740]: IDS277 - NAMED Iquery Probe: 209.233.27.39:2482 -> 216.103.77.155:53 Aug 19 04:13:08 gatekeeper snort[5740]: MISC-DNS-version-query: 209.233.27.39:2482 -> 216.103.77.155:53Arrrgggghhh, John Pettitt Email: jpp () cloudview com "Attention spam" - The length of time it takes you to realize an email isn't worth reading. PGP keys on MIT & pgp.com servers. Fingerprint: 81B5 446D 3E0E 1CDE 5A45 644A A744 54C4 7886 3658 -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 Comment: Get my keys from the pgp.com LDAP server iQA/AwUBOaFxfKdEVMR4hjZYEQKEYACfUqNJKanGdEnOPVaJvTaMChXCAwEAn1Pl AIqjcKASK6+0u+QBSymJoHIB =y9tR -----END PGP SIGNATURE-----
Current thread:
- Dumb ISP of the week John Pettitt (Aug 21)
- Re: Dumb ISP of the week UnixGeek (Aug 21)
- Re: Dumb ISP of the week Wozz (Aug 22)
- Re: Dumb ISP of the week John Pettitt (Aug 22)
- Re: Dumb ISP of the week Wozz (Aug 22)
- Re: Dumb ISP of the week John Pettitt (Aug 22)
- <Possible follow-ups>
- Re: Dumb ISP of the week Scott Bishop (Aug 22)
- Re: Dumb ISP of the week Bryan Andersen (Aug 22)