Security Incidents: Re: big increase in ftp scanning

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: big increase in ftp scanning

From: Greg Owen <gowen () SOFTLOCK COM>
Date: Mon, 30 Oct 2000 13:36:16 -0500

i've seen a ton of ftp scans in the last week.


        I had three this weekend, one source in common with yours.

(212.83.90.123) cgmd90123.chello.nl
(24.28.122.195) cs28122-195.houston.rr.com
(202.107.222.172) (no PTR record)

        All appear to simply be traversing the tree and looking for writable
directories, rather than probing for compromise.

        This server has been running for just over a month and has had no
probes before this weekend.  Must be that time of the moon.
        
--
        gowen -- Greg Owen -- gowen () SoftLock com

By Date By Thread

Current thread:

Re: big increase in ftp scanning, (continued)
- Re: big increase in ftp scanning Jose Nazario (Nov 01)
- Re: big increase in ftp scanning Eilon Gishri (Nov 01)
  - Re: big increase in ftp scanning Gregory A Lundberg (Nov 01)
    - Re: big increase in ftp scanning Russell Fulton (Nov 02)
- Re: big increase in ftp scanning Sean Michael Whipkey (Nov 01)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
  - Re: big increase in ftp scanning Michael Bush (Nov 02)
  - Re: big increase in ftp scanning Christopher Malek (Nov 05)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
  - Re: big increase in ftp scanning Thomas Molina (Nov 05)
  - Re: big increase in ftp scanning Daniel Roesen (Nov 08)