Security Incidents mailing list archives
Anti-Death Penalty
From: bugtraq () NETWORKICE COM (Robert Graham)
Date: Wed, 26 Jan 2000 15:25:00 -0800
FYI: Recently, we are seeing what appears to be scans by @Home against their own customers for NTTP and HTTP servers. I haven't talked to them, but my guess that this has something to do with the recent USENET Death Penalty that was called against them for the amount of spam coming through their networks. At the time, their claim was that the spam was not coming directly from their own servers, but from servers run by customers. My belief is that they are hunting for open NTTP and HTTP proxies run by their customers in order to stem this spam. Note: I believe that running such servers is violation of their service agreement. Note: The reverse DNS lookup usually gives ops-scan.home.net Note: If you are running a personal firewall, what you'd see is a connection attempt against TCP ports 80 and 119. Apparently, they aren't looking for anything else at this time (like SOCKS at port 1080, squid at 3128, or anything else). Rob.
Current thread:
- Got scaned again, (continued)
- Got scaned again C. (Jan 24)
- ? C. (Jan 24)
- Re: ? Mike Tancsa (Jan 24)
- Re: ? Brock Sides (Jan 24)
- Re: unapproved AXFR Russell Fulton (Jan 24)
- No Idea CN (Jan 25)
- PC Anywhere client seems to probe class C of connected networks Troy Ablan (Jan 25)
- Re: PC Anywhere client seems to probe class C of connected networks Steve Ellermann (Jan 26)
- Re: PC Anywhere client seems to probe class C of connected networks Paul L Schmehl (Jan 26)
- Re: PC Anywhere client seems to probe class C of connected networks Jose Nazario (Jan 26)
- Anti-Death Penalty Robert Graham (Jan 26)
- Re: Anti-Death Penalty Derek Moeller (Jan 28)
- Re: Anti-Death Penalty Robert Graham (Jan 28)
- BOGUS.IvCD File Jonathan A. Zdziarski (Jan 26)
- Re: BOGUS.IvCD File Vanja Hrustic (Jan 27)
- Re: PC Anywhere client seems to probe class C of connected networks Robert Graham (Jan 26)
- Probes to tcp 2766 ('System V Listner') Russell Fulton (Jan 26)
- Re: No Idea Paul L Schmehl (Jan 25)
- Re: No Idea Robert Graham (Jan 25)
- Possible Probe = Possible Malfunction Ron Gula (Jan 25)
- Possible attemt at hacking? Geir A. Bjune (Jan 25)