nanog mailing list archives
Re: Exodus / Clue problems
From: "Roeland M.J. Meyer" <rmeyer () mhsc com>
Date: Sun, 15 Nov 1998 20:37:20 -0800
I was getting ready to do a SAINT run on the IP address to find out (I needed the practice) when the initial ping timed out. <sigh> At 10:54 PM 11/15/98 -0500, TTSG wrote:
I have received a call from Exodus. The machine (209.67.50.254) has been removed from the network by request of the owner of the box.Great!, but.............. a) Did they end up obtaining access to another site and will begin there? b) WAS the origination actually the box as people have claimed, or was it spoofed? c) There was a report that it had stopped earlier (As seen below from Roeland), is anyone still seeing it? d) Was the box just YANKED, or did someone actually try to find out if there was someone/something on it and where its origin is? Tuc/TTSGJames At 07:22 PM 11/15/98 -0800, Roeland M.J. Meyer wrote:Sombody musta got them, 'cause their gone now. At 06:25 PM 11/15/98 -0600, William S. Duncanson wrote:Seeing it here, too. At 18:52 11/15/98 -0500, Daniel Senie wrote:sigma () pair com wrote:Let me guess - the IP is 209.67.50.254, and they're trying to login to nameservers as "root", sometimes a dozen times per second?I'm seeing that IP address trying to telnet into my name servers (don't know if it's as root, since my filters are blocking them). I also see them trying to access IMAP on my servers. Dan -- ----------------------------------------------------------------- Daniel Senie dts () senie com Amaranth Networks Inc. http://www.amaranthnetworks.comWilliam S. Duncanson caesar () starkreality com The driving force behind the NC is the belief that the companies whobrought usthings like Unix, relational databases, and Windows can make an appliancethatis inexpensive and easy to use if they choose to do that. -- Scott
Adams
___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer () mhsc com>rmeyer () mhsc com Internet phone: hawk.mhsc.com Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com/ ___________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn RandJames McKenzie mcs () 1ipnet net http://www.1ipnet.net
___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer () mhsc com>rmeyer () mhsc com Internet phone: hawk.mhsc.com Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com/ ___________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand
Current thread:
- Re: Exodus / Clue problems, (continued)
- Re: Exodus / Clue problems James McKenzie (Nov 15)
- Re: Exodus / Clue problems TTSG (Nov 15)
- Re: Exodus / Clue problems James McKenzie (Nov 15)
- Re: Exodus / Clue problems TTSG (Nov 15)
- Re: Exodus / Clue problems Adam Rothschild (Nov 15)
- Re: Exodus / Clue problems Alex "Mr. Worf" Yuriev (Nov 16)
- Re: Exodus / Clue problems TTSG (Nov 16)
- Re: Exodus / Clue problems Christopher E. Brown (Nov 16)
- Re: Exodus / Clue problems just me. (Nov 16)
- Re: Exodus / Clue problems TTSG (Nov 16)
- Re: Exodus / Clue problems Roeland M.J. Meyer (Nov 15)
- Re: Exodus / Clue problems Alex P. Rudnev (Nov 16)
- Re: Exodus / Clue problems Jeff Carneal (Nov 16)
- Re: Exodus / Clue problems Dan Hollis (Nov 15)
- Re: Exodus / Clue problems Jon Lewis (Nov 15)
- Re: Exodus / Clue problems TTSG (Nov 15)
- Re: Exodus / Clue problems TTSG (Nov 15)