nanog mailing list archives
Re: FTP exploit?
From: Scott Francis <scott () virtualis com>
Date: Mon, 19 Mar 2001 13:20:59 -0800
On Mon, Mar 19, 2001 at 01:01:39PM -0800, Clayton Fiske had this to say:
Is there a (fairly) recent exploit for common ftp daemons going around lately? In the past several days, I've seen a very noticeable jump in the number of people attempting anonymous ftp logins. Typically I noticed it once or twice a week, and usually single attempts, but now they're coming in every few hours and they each make 4 attempts within a second (which is one per IP bound to the box I'm watching). It looks like it has to be some kind of script. Anyone else seeing any noticeable increases like this?
probably due to the increasingly long thread on vulnerabilities in ftpds that
is going on over in BUGTRAQ. Nothing too new, but every time a new 'sploit' is
released there, every kiddie on the block just has to try it.
--
Scott Francis scott@ [work:] v i r t u a l i s . c o m
Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t
PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7
illum oportet crescere me autem minui
Current thread:
- FTP exploit? Clayton Fiske (Mar 19)
- Re: FTP exploit? Ben Beuchler (Mar 19)
- Re: FTP exploit? Scott Francis (Mar 19)
- Re: FTP exploit? ken harris. (Mar 19)
- Re: FTP exploit? Daniel Roesen (Mar 20)
- Re: FTP exploit? ken harris. (Mar 19)
- <Possible follow-ups>
- Re: FTP exploit? Spencer . Wood (Mar 19)