Security Incidents: by thread

Re: Bad protocol version identification '^V^C^A' jm (Nov 29 2002)
- RE: Bad protocol version identification '^V^C^A' Bojan Zdrnja (Dec 01 2002)
  - Re: Bad protocol version identification '^V^C^A' Matt Harris (Dec 02 2002)
- Re: Bad protocol version identification '^V^C^A' D.C. van Moolenbroek (Dec 01 2002)
RE: New scanner? Rob Shein (Dec 01 2002)
Re: TCP:80, TCP:1433 squelda 1.0 probe Joe Stewart (Dec 02 2002)
- Re: TCP:80, TCP:1433 squelda 1.0 probe John Sage (Dec 02 2002)
[Fwd: XSS on ICQ leading to password compromise] Rafael Coninck Teigao (Dec 02 2002)
Incident tracking database Danny (Dec 03 2002)
- Re: Incident tracking database Chip Mefford (Dec 04 2002)
  - what else you can do with worm networks...fun, profit, etc Anton A. Chuvakin (Dec 09 2002)
- Re: Incident tracking database Paul Gillingwater (Dec 04 2002)
- Re: Incident tracking database Steven Hong (Dec 04 2002)
- Re: Incident tracking database james (Dec 03 2002)
- Re: Incident tracking database Holger Kipp (Dec 04 2002)
  - Re: Incident tracking database Russell Fulton (Dec 04 2002)
    - Re: Incident tracking database Chris Adams (Dec 05 2002)
recent rds vuln Study List (Dec 04 2002)
A small quandary Mahoney, Paul (Dec 04 2002)
- RE: A small quandary Jerry Shenk (Dec 06 2002)
- RE: A small quandary Rob Shein (Dec 06 2002)
- Re: A small quandary H C (Dec 06 2002)
  - RE: A small quandary Bojan Zdrnja (Dec 09 2002)
- Re: A small quandary Mike Katz (Dec 06 2002)
- Re: A small quandary gminick (Dec 07 2002)
- Odd entries in my Security Router logs Julian Young (Dec 09 2002)
  - RE: Odd entries in my Security Router logs Jim Terry (Dec 10 2002)
    - RE: Odd entries in my Security Router logs Julian Young (Dec 10 2002)
  - RE: Odd entries in my Security Router logs Andrews, Jonathan (US - Hermitage) (Dec 10 2002)
    - RE: Odd entries in my Security Router logs Julian Young (Dec 11 2002)
    - Re: Odd entries in my Security Router logs Michael Sierchio (Dec 11 2002)
      - RE: Odd entries in my Security Router logs David Gillett (Dec 11 2002)
      - Re: Odd entries in my Security Router logs Valdis.Kletnieks_at_vt.edu (Dec 12 2002)
      - Re: Odd entries in my Security Router logs Valdis.Kletnieks_at_vt.edu (Dec 12 2002)
    - Re: Odd entries in my Security Router logs James C. Slora Jr. (Dec 11 2002)
      - Re: Odd entries in my Security Router logs HggdH (Dec 11 2002)
Black Ice small segment size FTP attack caused by FX-scanner Curt Wilson (Dec 05 2002)
netbios vuln ohnonono_at_hushmail.com (Dec 06 2002)
- Re: netbios vuln KoRe MeLtDoWn (Dec 08 2002)
- Re: netbios vuln H C (Dec 09 2002)
- Re: netbios vuln Valdis.Kletnieks_at_vt.edu (Dec 08 2002)
- Re: netbios vuln Nick FitzGerald (Dec 09 2002)
Does W2k issue an NBNS query automatically following each unsuccessful reverse DNS query? Jack Arenberg (Dec 07 2002)
high activity on port 3061 udp/tcp Marcelo Bartsch (Dec 06 2002)
Spam via proxy listuser (Dec 07 2002)
- Re: Spam via proxy Christopher X. Candreva (Dec 08 2002)
- Re: Spam via proxy Jefferson Ogata (Dec 09 2002)
- Re: Spam via proxy J.Francois (Dec 08 2002)
- Re: Spam via proxy Volker Tanger (Dec 09 2002)
- Re: Spam via proxy jlewis_at_lewis.org (Dec 08 2002)
- Re: Spam via proxy Joe Stewart (Dec 09 2002)
EBay Fraud Attempt Logan F.D. Greenlee (Dec 07 2002)
- Re: EBay Fraud Attempt Stephen Friedl (Dec 08 2002)
  - Re: EBay Fraud Attempt Stephen J. Friedl (Dec 10 2002)
- Re: EBay Fraud Attempt jlewis_at_lewis.org (Dec 08 2002)
  - Re: EBay Fraud Attempt Chris A. Mattingly (Dec 09 2002)
  - Re: EBay Fraud Attempt Kee Hinckley (Dec 09 2002)
- Re: EBay Fraud Attempt Waitman C. Gobble, II (Dec 08 2002)
- RE: EBay Fraud Attempt george.wasgatt_at_insurity.com (Dec 10 2002)
- RE: EBay Fraud Attempt OBrien, Brennan (Dec 10 2002)
- RE: EBay Fraud Attempt Chris Gordon (Dec 11 2002)
Fwd: EBay Fraud Attempt Dave Laird (Dec 09 2002)
- RE: EBay Fraud Attempt Carlo Costanzo (Dec 09 2002)
  - Re: EBay Fraud Attempt Dave Laird (Dec 09 2002)
  - Re: EBay Fraud Attempt Mark (Dec 11 2002)
strange attractors or weaknesses in Nimda's prng Russell Fulton (Dec 11 2002)
DNS help larosa, vjay (Dec 11 2002)
- RE: DNS help larosa, vjay (Dec 12 2002)
  - Re: DNS help Valdis.Kletnieks_at_vt.edu (Dec 12 2002)
  - Re: DNS help Matt Zimmerman (Dec 15 2002)
- RE: DNS help Tom Arseneault (Dec 12 2002)
- RE: DNS help Faron.Golden_at_Gunter.AF.mil (Dec 12 2002)
- Re: DNS help Valdis.Kletnieks_at_vt.edu (Dec 12 2002)
Rooted, .haos on system Damian Gerow (Dec 12 2002)
- Re: Rooted, .haos on system Damian Gerow (Dec 16 2002)
  - Re: Rooted, .haos on system Damian Gerow (Dec 16 2002)
    - Re: Rooted, .haos on system Mike Katz (Dec 16 2002)
    - Re: Rooted, .haos on system zeno (Dec 16 2002)
    - Re: Rooted, .haos on system Carlos Eduardo Pedroza Santiviago (Dec 16 2002)
      - Re: Rooted, .haos on system Damian Gerow (Dec 16 2002)
      - New CIFS (port 445) worm? David Gillett (Dec 17 2002)
      - Re: New CIFS (port 445) worm? Zen (Dec 17 2002)
  - Re[2]: Rooted, .haos on system Oliver.C.Rochford CFH (Dec 17 2002)
- Re: Rooted, .haos on system Mattias Hedenskog (Dec 16 2002)
  - Re: Rooted, .haos on system zeno (Dec 16 2002)
- Re: Rooted, .haos on system Julian Young (Dec 17 2002)
Logs: Many hits with source port of 80 Byrne Ghavalas (Dec 13 2002)
- Re: Many hits with source port of 80 Maxime Ducharme (Dec 16 2002)
- Re: Logs: Many hits with source port of 80 Valdis.Kletnieks_at_vt.edu (Dec 16 2002)
- RE: Logs: Many hits with source port of 80 James C Slora Jr (Dec 16 2002)
  - Re: Logs: Many hits with source port of 80 Byrne Ghavalas (Dec 16 2002)
    - Re: Logs: Many hits with source port of 80 Kevin Bowman (Dec 16 2002)
      - RE: Logs: Many hits with source port of 80 James C Slora Jr (Dec 16 2002)
- Re: Logs: Many hits with source port of 80 Russell Fulton (Dec 15 2002)
- Re: Logs: Many hits with source port of 80 Joe Stewart (Dec 16 2002)
Terminal Services / TsInternetUser [RMC-RUFLVP4] Romulo M. Cholewa (Dec 14 2002)
Win2k Audit Logs - What happened here? Johnny Walker (Dec 15 2002)
- RE: Win2k Audit Logs - What happened here? george.wasgatt_at_insurity.com (Dec 16 2002)
- Re: Win2k Audit Logs - What happened here? H C (Dec 16 2002)
fswserv.html ???? James-lists (Dec 16 2002)
- Re: fswserv.html ???? dev (Dec 16 2002)
  - Re: fswserv.html ???? Adam Bultman (Dec 17 2002)
    - Re: fswserv.html ???? james (Dec 17 2002)
- Re: fswserv.html ???? james (Dec 17 2002)
Iraq Oil worm Stephen Friedl (Dec 16 2002)
Worm on 445/tcp? Scott A.McIntyre (Dec 16 2002)
- RE: Worm on 445/tcp? OBrien, Brennan (Dec 17 2002)
- Re: Worm on 445/tcp? Scott Fendley (Dec 17 2002)
- Re: Worm on 445/tcp? Tom.Gast_at_walgreens.com (Dec 17 2002)
- Re: Worm on 445/tcp? Joe Blatz (Dec 17 2002)
  - Re: Worm on 445/tcp? james (Dec 17 2002)
- Re: Worm on 445/tcp? Stephen J. Friedl (Dec 17 2002)
  - Re: Worm on 445/tcp? Ryan Yagatich (Dec 17 2002)
- Re: Worm on 445/tcp? Stephen Friedl (Dec 17 2002)
- Re: Worm on 445/tcp? Kyle Lai (Dec 19 2002)
FW: Lioten Worm 135-139 and 445 Pricher Jeffrey Contr AFCA/GCF (Dec 17 2002)
IRC -> smtp worm? Joao Gouveia (Dec 17 2002)
- Re: IRC -> smtp worm? ��rhallur H�lfd�narson (Dec 18 2002)
- Re: IRC -> smtp worm? H C (Dec 18 2002)
- Re: IRC -> smtp worm? Eric Chien (Dec 18 2002)
abuse of open transparent proxies horape_at_tinuviel.compendium.net.ar (Dec 17 2002)
RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 20 2002)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24 2002)
  - Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 24 2002)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 27 2002)
      - Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (Dec 27 2002)
      - RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 27 2002)
      - Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30 2002)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (Dec 28 2002)
      - RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30 2002)
      - Re: RPAT - Realtime Proxy Abuse Triangulation Syzop (Dec 30 2002)
- Re: RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 24 2002)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 27 2002)
  - Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30 2002)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 30 2002)
      - Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30 2002)
      - Virus? Trojan? David Gillett (Dec 30 2002)
      - Re: Virus? Trojan? Peter Kruse (Dec 30 2002)
hpd, afb, sc, and sn Gordon Chamberlin (Dec 20 2002)
- Re: hpd, afb, sc, and sn gminick (Dec 21 2002)
- Re: hpd, afb, sc, and sn Greg Barnes (Dec 20 2002)
- Re: hpd, afb, sc, and sn Brad Arlt (Dec 20 2002)
- RE: hpd, afb, sc, and sn Bojan Zdrnja (Dec 21 2002)
- Re: hpd, afb, sc, and sn deadcalm_at_treshna.com (Dec 22 2002)
port 3717/udp? Jacek Lipkowski (Dec 20 2002)
Compromised System RH7.3-ICMP-STP-DoS Ron Gedye (Dec 20 2002)
TsInternetUser priv. escalation; blank passwords; service passwords Curt Wilson (Dec 23 2002)
strange traffic securitynotice_at_cronus.cnicinc.com (Dec 22 2002)
- RE: strange traffic Rob Shein (Dec 24 2002)
Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 23 2002)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Pavel Kankovsky (Dec 26 2002)
  - Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27 2002)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Fyodor (Dec 24 2002)
  - Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27 2002)
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27 2002)
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Charles.Fasching_at_milestonesystems.com (Dec 26 2002)
  - RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27 2002)
  - RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second H C (Dec 27 2002)
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Hornat, Charles (Dec 27 2002)
NIMDA - ceased ? - Tomo (Dec 25 2002)
- Re: NIMDA - ceased ? - Neil Dickey (Dec 27 2002)
  - Re: NIMDA - ceased ? - James C. Slora Jr. (Dec 27 2002)
- Re: NIMDA - ceased ? - Johannes Ullrich (Dec 27 2002)
- Re: NIMDA - ceased ? - Jay D. Dyson (Dec 27 2002)
- Re: NIMDA - ceased ? - Skip Carter (Dec 27 2002)
- Re: NIMDA - ceased ? - Roger Thompson (Dec 27 2002)