Home page logo

nanog logo nanog mailing list archives

Re: black hat .cn networks
From: "Justin Hinderliter" <justin () interaccess com>
Date: Mon, 7 May 2001 14:39:08 -0500

The past week i've seen attacks increase 5-fold, mostly 111/udp attacks
mixed with some lpr and ftp on the side. Also lots of http scanning, which
I havent seen in quite a while.

Yep, I'd seen them try port 111 scans as well from different hosts, but
since I never run RPC services, they didn't get anything off those.  I
usually don't run http services either, but in this case got caught with my
pants down on a temporary exception.  I was a few versions behind on apache,
however, as I just found out, which I'm sure didn't help the situation.

Well, back to the autopsy.

Take care and be well.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]