Full Disclosure mailing list archives
RE: quit the dumd chat man!!
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 21 Aug 2003 17:42:39 -0500
-----Original Message----- From: Ferris, Robin [mailto:R.Ferris () napier ac uk] Sent: Thursday, August 21, 2003 11:08 AM To: full-disclosure () lists netsys com Subject: [Full-disclosure] quit the dumd chat man!!
we had a honey pot hit by some canny FTP kiddies using the RPC flaw to load up an FTP server that ran as a service and also then execute a predifned further attack on some specific IP's any one else seen this. very similar exploit to nachia "whatever its called" worm
This has been going on for at least a week now. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- quit the dumd chat man!! Ferris, Robin (Aug 21)
- New usages of the RPC exploit (was: quit the dumd chat man!!) Michael Mueller (Aug 21)
- <Possible follow-ups>
- RE: quit the dumd chat man!! Schmehl, Paul L (Aug 21)
