Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Mail and web server attack
From: tomas.sjostrom () PICENG SE (Tomas )
Date: Thu, 9 Mar 2000 16:06:31 -0000

I recently detected several sloppy intrusion attempts on my 
web and mail server. The attempts originated from ip 
- 209.161.238.144, 207.226.241.155, and 208.184.216.202. 
Logins were attempted via telnet, pop3 and imap (command 
stream owerflow for the last two). Additionally, the PHF.CGI 
exploit was attempted followed by the scripts TEST.CGI and 
HANDLER.CGI. 

The above mentioned networks have been informed of the 
contacts, but if anyone has seen anything similar from those 
networks let me know. 

Tomas Sjöström

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]