attack strategy

[azimuth <lozah () io com>]

A good example of kiddie methods, probably pretty effective for
compromising a large number of hosts.  Attached are snort generated
excerpts from syslog and portscan.log.  Seems obvious what's going on:

16:39   Scan for a service.  Rpcbind / statd in this case.
17:07   Throw an exploit at systems running the service which will
install a backdoor if successful.
17:57   Scan for the port your backdoor runs on.

V/R
az

Attachment: 091900a
Description:

Attachment: 091900b
Description: