Charles Howes wrote:
Event one: A user at umn.edu forges mail (supposedly from helix.net).
Event two: A user at helix.net forges mail (supposedly from sfu.ca).
have any of the sites that received the request for /etc/passwd mail
from helix.net noticed any finger connects from usis.com? today, i've
noticed an inordinate amount of fingerd connects from usis.com -- more
than 2700 in the last 24 hours, but strangely enough, scant few in the
days before the past 24-hour period (4-7 a day before today).
i've notified usis.com, but haven't heard from them yet.