<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: big increase in ftp scanning

Re: big increase in ftp scanning

From: Greg Owen <gowen_at_SOFTLOCK.COM>
Date: Mon, 30 Oct 2000 13:36:16 -0500

> i've seen a ton of ftp scans in the last week.

I had three this weekend, one source in common with yours.

(212.83.90.123) cgmd90123.chello.nl
(24.28.122.195) cs28122-195.houston.rr.com
(202.107.222.172) (no PTR record)

All appear to simply be traversing the tree and looking for writable
directories, rather than probing for compromise.

This server has been running for just over a month and has had no
probes before this weekend. Must be that time of the moon.

--
	gowen -- Greg Owen -- gowen_at_SoftLock.com

Received on Nov 01 2000

This message: [ Message body ]
Next message: TJ Jablonowski: "Re: New Trojan????"
Previous message: Crist Clark: "Load Balancing Protocol (was Re: your mail)"
Maybe in reply to: David Knaack: "Re: big increase in ftp scanning"
Next in thread: Michael Bush: "Re: big increase in ftp scanning"
Reply: Michael Bush: "Re: big increase in ftp scanning"
Reply: Christopher Malek: "Re: big increase in ftp scanning"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos