Security Incidents mailing list archives
Network Attack on my Home PC. Is it related to Kelvin at SEC33, You be the the judge...
From: <masterp () budlight com>
Date: 28 Jul 2001 19:58:57 -0000
Over the last 24 hours my Windows 98 Home PC has been repeatedly scanned from a single IP address. The IP address is registed to an IP Block that belongs to the brother of SEC33's Kelvin. I wonder if they are looking for my family vacation pictures? Maybe I am running the spider on my Win 98 Box? Maybe they are trying to break into my 98 box to try and VPN back into my employers network? I am an employee of a company that Kelvin seems to have a large amount of hate for. I am not sure what they are doing but I will contact their upstream provider on Monday and produce my logs. Kelvin is an ex employee of the company that he is consistantly spewing trash about and he has some very big personal problems. The question is, why is he so mad at his former employer? Why do any of the real security people on this web site listen and respond to his trash? Why do they quote him in articles on this site? He's a script kiddie that is mad at his ex employer. Here is a cut of the log for anyone who cares: FWIN,2001/07/28,12:06:22 -5:00 GMT,209.198.133.194:3007,66.68.168.38:876,TCP (flags:S) FWIN,2001/07/28,12:06:22 -5:00 GMT,209.198.133.194:3008,66.68.168.38:2020,TCP (flags:S) FWIN,2001/07/28,12:06:22 -5:00 GMT,209.198.133.194:3009,66.68.168.38:1433,TCP (flags:S) FWIN,2001/07/28,12:06:22 -5:00 GMT,209.198.133.194:3010,66.68.168.38:334,TCP (flags:S) FWIN,2001/07/28,12:06:22 -5:00 GMT,209.198.133.194:3011,66.68.168.38:241,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3012,66.68.168.38:909,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3013,66.68.168.38:406,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3014,66.68.168.38:315,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3015,66.68.168.38:2111,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3016,66.68.168.38:5011,TCP (flags:S) FWIN,2001/07/28,12:06:27 -5:00 GMT,209.198.133.194:3017,66.68.168.38:828,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3018,66.68.168.38:1355,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3019,66.68.168.38:895,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3020,66.68.168.38:766,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3021,66.68.168.38:332,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3022,66.68.168.38:363,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3023,66.68.168.38:882,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3024,66.68.168.38:1537,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3025,66.68.168.38:1022,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3026,66.68.168.38:581,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3027,66.68.168.38:470,TCP (flags:S) FWIN,2001/07/28,12:06:28 -5:00 GMT,209.198.133.194:3028,66.68.168.38:593,TCP (flags:S) P.S. Loyal, remember this line: "The prosecution would like to enter into evidence logs from an employees home pc" You will have a chance to hear it. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Network Attack on my Home PC. Is it related to Kelvin at SEC33, You be the the judge... masterp (Jul 29)