Security Incidents: Re: big increase in ftp scanning

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: big increase in ftp scanning

From: Keith Owens <kaos () OCS COM AU>
Date: Wed, 8 Nov 2000 12:26:29 +1100

On Tue, 7 Nov 2000 16:53:34 -0500,
Tuc <ttsg () TTSG COM> wrote:

On Tue, Oct 31, 2000 at 11:29:26PM -0500, Mike A. Harris wrote:

I had a machine compromised from a t-dialin machine in germany
about a vmonth ago.  I got zero response from them.

      I've sent about 5 different machines we've gotten probed by
in their space in the last 6 months all with no replies.

      We actually considered just NULL0ing the entire space they own.


<aol>Me too</aol>.  I have seen repeated DNS over TCP, ftp and other
scans from dip.t-dialin.net addresses.  Complaints to abuse () t-ipnet de
get zero response.  In the end I just blocked 212.185.223.0/24.

By Date By Thread

Current thread:

Re: big increase in ftp scanning, (continued)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
  - Re: big increase in ftp scanning Thomas Molina (Nov 05)
  - Re: big increase in ftp scanning Daniel Roesen (Nov 08)
    - Re: big increase in ftp scanning Tuc (Nov 08)
    - Re: big increase in ftp scanning Keith Owens (Nov 09)
    - Re: big increase in ftp scanning Jan Muenther (Nov 11)
    - Re: big increase in ftp scanning Russell Fulton (Nov 13)
    - Re: big increase in ftp scanning Andreas Ferber (Nov 14)
    - Re: big increase in ftp scanning Jan Muenther (Nov 14)
    - Re: big increase in ftp scanning Florian Weimer (Nov 15)