Re: Exodus / Clue problems

["Alex P. Rudnev" <alex () Relcom EU net>]

Btw, did anyone fixed the password they have trying? If did, send it to 
me and I'll compare it with my list of backdoored passwords used by 
russion hackers. May be, we'll identify this one exactly.






On Sun, 15 Nov 1998, Steve Gibbard wrote:

> Date: Sun, 15 Nov 1998 21:56:23 -0500 (EST)
> From: Steve Gibbard <scg () wwnet net>
> To: nanog () merit edu
> Subject: Re: Exodus / Clue problems
>
> We're seeing it here too.  It appears to have started around 9:10 pm on
> one server, and around 9:20 pm on the other.
>
> -Steve
>
> On Sun, 15 Nov 1998, William S. Duncanson wrote:
>
> > Seeing it here, too.
> >
> > At 18:52 11/15/98 -0500, Daniel Senie wrote:
> > > sigma () pair com wrote:
> > > > Let me guess - the IP is 209.67.50.254, and they're trying to login to
> > > > nameservers as "root", sometimes a dozen times per second?
> > >
> > > I'm seeing that IP address trying to telnet into my name servers (don't
> > > know if it's as root, since my filters are blocking them). I also see
> > > them trying to access IMAP on my servers.
> > >
> > > Dan
> > >
> > > -- 
> > > -----------------------------------------------------------------
> > > Daniel Senie                                        dts () senie com
> > > Amaranth Networks Inc.            http://www.amaranthnetworks.com
> >
> >
> > William S. Duncanson                      caesar () starkreality com
> > The driving force behind the NC is the belief that the companies who brought us
> > things like Unix, relational databases, and Windows can make an appliance that
> > is inexpensive and easy to use if they choose to do that.  -- Scott Adams 
>
> --
> Steve Gibbard
> WWNet System Administration
> +1 734 513-7707 x 2009
> http://www.wwnet.net

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)