Re: [Full-disclosure] Brain dead SSH scans from Italy

From: Etaoin Shrdlu (shrdlu_at_deaddrop.org)
Date: 10/28/05

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-disclosure] Brain dead SSH scans from Italy" 
    Date: Fri, 28 Oct 2005 13:14:31 -0700
To: Full Disclosure <full-disclosure@lists.grok.org.uk>

    Etaoin Shrdlu wrote:
    >
    > Well, I'm stumped. I mean, really stumped.
    >
    > I've had a host scanning my network for the past three days...

    > I'm at a loss. If anyone knows Italian (I don't), and can contact one of:
    >
    > fabiom@uni.net
    > ennio.scheda@ocem.com
    > lucamarino@cassiopea.it
    >
    > or anyone at ocem.com, please, let them know that the machine is
    > compromised, and that they need to take it off line, and clean it up.

    Thanks to whomever finally got through, however you did it. I had actually
    allowed one host to start responding, and it had gotten to the part I
    always least understand, i.e. the tries for root's password. I mean,
    really, are there that many hosts out there with root accounts that can be
    guessed with an automated password guesser? Anyway, it suddenly stopped,
    and stopped attempting the other machine(s) as well. Whew.

    Thanks again. 

    --
There are two ways, my friend, that you can be rich in life.
One is to make a lot of money and the other is to have few needs.
William Sloane Coffin, "Letters to a Young Doubter"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-disclosure] Brain dead SSH scans from Italy"

    Relevant Pages

    • Re: 2 pc network - cant see host files from pc 2 on pc 1
      ... If the second card is lost on HOST PC then DSL Internet does not connect. ... Ditch the second network card in the one ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Do I Have A Firewalled LAN Run By ISP In Between?
      ... from that host while at host ... running a layer within a layer, with a complex network address translation ... application called "Internet Connection Sharing". ... what those packets are for, ...
      (comp.security.firewalls)
    • RE: A question for the list...
      ... attempts to remove the virus from the host. ... -If a command can be given in a channel to "shut down" the network of hosts, ... wireless LANs require network security policies ... that are enforced to protect WLANs from known vulnerabilities and threats. ...
      (Incidents)
    • Re: DNS, DHCP and classes
      ... I can't help with the DNS and DHCP changes, but I do want to clarify what you're doing so that someone else may be able to help on where your problem may lie. ... DHCP is set up to recognise all three networks and ignore requests from the 10/24 network. ... All bits set on a host address is a broadcast address for that network. ...
      (uk.comp.os.linux)
    • Re: Forensic Survey, help needed for a research/training program
      ... forensics or network based forensics? ... Host based forensic questions ... system rather than shutting it down or disconnecting it from the network? ... Given a log file for an incident, what can you look for to determine ...
      (Security-Basics)