SecurityFocus Incidents
By Thread

Starting: 12/01/01
Ending: 12/31/01

• port 6699 scans Brad (12/30/01)
  • Re: port 6699 scans David Correa (12/31/01)
• Possible ICMP DOS spoofed to Nameservers? Richard Gilman (12/30/01)
  • Re: Possible ICMP DOS spoofed to Nameservers? Ryan Russell (12/31/01)
  • Re: Possible ICMP DOS spoofed to Nameservers? Gary Losito (12/31/01)
  • Re: Microsoft's Early Xmas Present. mcoleman (12/30/01)
    • Re: Microsoft's Early Xmas Present. Valdis.Kletnieks@vt.edu (12/31/01)
  • Re: Microsoft's Early Xmas Present. Ryan Russell (12/30/01)
• port 9274? John Kinsella (12/28/01)
  • RE: port 9274? Royans Tharakan (12/28/01)
• RST.b Ryan Russell (12/28/01)
• Request For Hack ! Nexus (12/25/01)
  • Re: Request For Hack ! stefmit@starband.net (12/26/01)
  • RE: Request For Hack ! Eric Parent (12/26/01)
  • RE: Request For Hack ! Omar Koudsi (12/26/01)
  • RE: Request For Hack ! Chad Cyrisse (12/27/01)
• NT Compromise -- Update -- SRC PORT: 53 traffic Loki (12/24/01)
  • RE: NT Compromise -- Update -- SRC PORT: 53 traffic Bill Royds (12/24/01)
    • RE: NT Compromise -- Update -- SRC PORT: 53 traffic Alvin Oga (12/26/01)
  • Re: NT Compromise -- Update -- SRC PORT: 53 traffic Joep Gommers (12/25/01)
• SNMP scans, DoS and a VIP crash Kneppers (12/24/01)
  • RE: SNMP scans, DoS and a VIP crash Tyrannis Von Nettesheim (12/26/01)
• NT Compromise -- UPDATE (UDP Flood SRC=53) Loki (12/24/01)
  • Re: NT Compromise -- UPDATE (UDP Flood SRC=53) Mike Lewinski (12/24/01)
• some "scanned with SSH-1.0-SSH_Version_Mapper. Don't panic." in syslog Steffen Dettmer (12/22/01)
  • Re: some "scanned with SSH-1.0-SSH_Version_Mapper. Don't panic." in syslog Sebastian Jaenicke (12/23/01)
  • Re: some "scanned with SSH-1.0-SSH_Version_Mapper. Don't panic." in syslog Matthew D. Close (12/24/01)
    • Re: some "scanned with SSH-1.0-SSH_Version_Mapper. Don't panic." in syslog Jose Nazario (12/27/01)
• DDoS Attacks to several Networks (Switzerland) michi@digicomp.ch (12/20/01)
  • RE: DDoS Attacks to several Networks (Switzerland) List-Collector (12/21/01)
• sshd brake-in attempts Emil Popov (12/20/01)
  • Re: sshd brake-in attempts Markus Friedl (12/20/01)
• Newest Nimda variant? Scanning ftp,telnet,smtp,snmp? Glenn Forbes Fleming Larratt (12/20/01)
  • Re: Newest Nimda variant? Scanning ftp,telnet,smtp,snmp? H C (12/20/01)
  • RE: Newest Nimda variant? Scanning ftp,telnet,smtp,snmp? Tony Langdon (12/20/01)
• NT Compromise MALIN, ALEX (PB) (12/19/01)
  • Re: NT Compromise Christine Merey (12/19/01)
• NT Compromise Eric Hines (12/19/01)
  • RE: NT Compromise Jignesh Pathak (12/19/01)
    • RE: NT Compromise Matthew Leeds (12/19/01)
  • Re: NT Compromise Nexus (12/19/01)
  • Re: NT Compromise H C (12/20/01)
  • Re: NT Compromise Paulo Braga (12/20/01)
• *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (12/19/01)
  • Re: *MAJOR SECURITY BREACH AT CCBILL** H C (12/19/01)
    • Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (12/19/01)
      • Re: *MAJOR SECURITY BREACH AT CCBILL** l0rtamus Prime (12/19/01)
      • Re: *MAJOR SECURITY BREACH AT CCBILL** Robert van der Meulen (12/20/01)
  • RE: *MAJOR SECURITY BREACH AT CCBILL** NESTING, DAVID M (SBCSI) (12/19/01)
    • Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (12/19/01)
    • Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (12/19/01)
      • RE: *MAJOR SECURITY BREACH AT CCBILL** robh@forestknoll.com (12/20/01)
      • RE: *MAJOR SECURITY BREACH AT CCBILL** jlewis@lewis.org (12/20/01)
  • RE: *MAJOR SECURITY BREACH AT CCBILL** Rick Darsey (12/19/01)
    • Contacting t-dialin {MAJOR SECURITY BREACH AT CCBILL} Christian Vogel (12/20/01)
      • Re: Contacting t-dialin {MAJOR SECURITY BREACH AT CCBILL} Damir Rajnovic (12/21/01)
  • Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (12/20/01)
  • RE: *MAJOR SECURITY BREACH AT CCBILL** Sparro, Dave (12/21/01)
  • Re: *MAJOR SECURITY BREACH AT CCBILL** Matthew S. Hallacy (12/24/01)
• Re: UDP DoS attack in Win2k via IKE Dan Irwin (12/19/01)
• wanadoo.fr's ip blocks Aaron Wolfe (12/18/01)
  • Re: wanadoo.fr's ip blocks Erik Fichtner (12/18/01)
• a BIG Thank-You! Gregg Sperling (12/18/01)
• SSH Attempts: Link to RedHat? Gregg Sperling (12/18/01)
  • Re: SSH Attempts: Link to RedHat? John Oliver (12/18/01)
  • Re: SSH Attempts: Link to RedHat? jon schatz (12/18/01)
    • Re: SSH Attempts: Link to RedHat? Dave Dittrich (12/18/01)
      • Re: SSH Attempts: Link to RedHat? Holger van Lengerich (paderLinx GmbH) (12/19/01)
  • RE: SSH Attempts: Link to RedHat? Montz, James C. (James Tower) (12/18/01)
  • Re: SSH Attempts: Link to RedHat? Rodrigo Barbosa (12/19/01)
• Re: MSIE may download and run progams automatically Seth Leone (12/17/01)
• FTP scans from wanadoo.fr Aaron Wolfe (12/17/01)
  • Re: FTP scans from wanadoo.fr Paul Asadoorian (12/17/01)
    • Re: FTP scans from wanadoo.fr Todd Suiter (12/17/01)
      • RE: FTP scans from wanadoo.fr Rick Darsey (12/17/01)
      • Re: FTP scans from wanadoo.fr Glenn Forbes Fleming Larratt (12/17/01)
  • Re: FTP scans from wanadoo.fr Todd Suiter (12/17/01)
  • Re: FTP scans from wanadoo.fr Mike V (12/17/01)
  • Re: FTP scans from wanadoo.fr Jose Nazario (12/17/01)
  • Re: FTP scans from wanadoo.fr Sébastien Vaast (12/17/01)
  • RE: FTP scans from wanadoo.fr SunTrix Com Management (12/17/01)
  • Re: FTP scans from wanadoo.fr russell (12/17/01)
    • Re: FTP scans from wanadoo.fr Steve (12/18/01)
  • Re: FTP scans from wanadoo.fr loon (12/18/01)
    • Re: FTP scans from wanadoo.fr Phil (12/18/01)
    • Re: FTP scans from wanadoo.fr Replugge [Rod] (12/18/01)
  • Re: FTP scans from wanadoo.fr dr john halewood (12/18/01)
    • Re: FTP scans from wanadoo.fr Alexandre Pinto (12/18/01)
    • Re: FTP scans from wanadoo.fr - MOre info Replugge [Rod] (12/18/01)
      • Re: FTP scans from wanadoo.fr - MOre info Pieter-Bas IJdens (12/19/01)
  • RE: FTP scans from wanadoo.fr Barber, Chris (12/18/01)
  • Re: FTP scans from wanadoo.fr Emil Popov (12/20/01)
  • Re: FTP scans from wanadoo.fr Dave Morris (12/20/01)
• Weird Scan centipede (12/16/01)
• CERT CA-2001-034 Mike Friedberg (12/14/01)
• Seen any DDoS coming from 208.184.109.166? mixter@2xs.co.il (12/14/01)
• SOPHOS REPLY: RE: Gokar Worm? Jagh, Kevin (TGA/MLOL) (12/13/01)
• Gokar Worm? Jeremy G Byrne (12/13/01)
  • RE: Gokar Worm? Matthew Reams (12/13/01)
  • Re: Gokar Worm? Johannes B. Ullrich (12/13/01)
  • Re: Gokar Worm? Nick FitzGerald (12/13/01)
• Something new? Todd Dunbebin (12/13/01)
  • RE: Something new? Graeme Fowler (12/13/01)
• CodeRed-like FTP worm? Ascent - Compton, Richard (12/12/01)
  • Re: CodeRed-like FTP worm? hvdkooij@vanderkooij.org (12/13/01)
  • Re: CodeRed-like FTP worm? Neil McKellar (12/13/01)
  • Re: CodeRed-like FTP worm? H C (12/13/01)
• RE: Voluminous SSHd scanning; possible worm activity ? Gommers, Joep (12/12/01)
  • Re: Voluminous SSHd scanning; possible worm activity ? Steve Wright (12/13/01)
    • Re: Voluminous SSHd scanning; possible worm activity ? Philipp Stucke (12/13/01)
    • Re: Voluminous SSHd scanning; possible worm activity ? Dave Dittrich (12/13/01)
      • Re: Voluminous SSHd scanning; possible worm activity ? Dragos Ruiu (12/16/01)
• New rootkit? UIA Security (12/12/01)
  • Re: New rootkit? Blake Frantz (12/12/01)
• RE: Internal Machine making many attempts to connect to Internet on 1 37 Portnoy, Gary (12/11/01)
  • RE: Internal Machine making many attempts to connect to Internet on 1 37 Seamus Hartmann (12/11/01)
• RE: Internal Machine making many attempts to connect to Internet on 137 Jim Harrison (SPG) (12/11/01)
  • RE: Internal Machine making many attempts to connect to Internet on 137 Robert Graham (12/12/01)
• Internal Machine making many attempts to connect to Internet on 1 37 Seamus Hartmann (12/11/01)
  • Re: Internal Machine making many attempts to connect to Internet on 137 Sam Evans (12/12/01)
  • RE: Internal Machine making many attempts to connect to Internet on 137 Nick Elliott (12/12/01)
• Port 111 Traffic Tim Brown (12/11/01)
  • Re: Port 111 Traffic Tim Brown (12/11/01)
  • RE: Port 111 Traffic Michael Ward (12/12/01)
• Know Your Enemy: Honeynets Lance Spitzner (12/11/01)
• Distributed Scans? E. Larry Lidz (12/10/01)
• Possible DoS Attack? Jonathan A. Zdziarski (12/10/01)
  • RE: Possible DoS Attack? Blake R. Swopes (12/10/01)
  • Re: Possible DoS Attack? Glenn Forbes Fleming Larratt (12/10/01)
  • Re: Possible DoS Attack? Jacques Bourdeau (12/10/01)
  • RE: Possible DoS Attack? Jacques Bourdeau (12/10/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Neil Dickey (12/10/01)
    • RE: Voluminous SSHd scanning; possible worm activity? Schroeder, Eric (12/10/01)
      • Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (12/10/01)
  • RE: Voluminous SSHd scanning; possible worm activity? Schroeder, Eric (12/10/01)
    • Re: Voluminous SSHd scanning; possible worm activity? Florian Weimer (12/10/01)
      • Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (12/11/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Armando Ortiz (12/10/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Russell Fulton (12/10/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Jacek Lipkowski (12/11/01)
  • RE: Voluminous SSHd scanning; possible worm activity? Gommers, Joep (12/11/01)
    • RE: Voluminous SSHd scanning; possible worm activity? Damien Miller (12/11/01)
    • Re: Voluminous SSHd scanning; possible worm activity? Bertrand Lupart (12/12/01)
      • Re: Voluminous SSHd scanning; possible worm activity? Jonathan Bloomquist (12/13/01)
    • RE: Voluminous SSHd scanning; possible worm activity? jon schatz (12/12/01)
      • Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (12/12/01)
  • RE: Voluminous SSHd scanning; possible worm activity? Gommers, Joep (12/12/01)
  • RE: Voluminous SSHd scanning; possible worm activity? Gommers, Joep (12/12/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Paul Gear (12/13/01)
    • Re: Voluminous SSHd scanning; possible worm activity? Sam Ferrell (12/13/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Glenn Forbes Fleming Larratt (12/10/01)
  • Re: Voluminous SSHd scanning; possible worm activity? Clarissa Cook (12/17/01)
• CodeRed back with with a vengence this month! Russell Fulton (12/09/01)
  • Re: CodeRed back with with a vengence this month! Cory McIntire (12/10/01)
    • Re: CodeRed back with with a vengence this month! Ian O'Brien (12/10/01)
  • Re: CodeRed back with with a vengence this month! zeno (12/10/01)
• Anonymous FTP annoyance Bryan Smith (12/08/01)
  • Re: Anonymous FTP annoyance James (12/09/01)
  • Re: Anonymous FTP annoyance Nick FitzGerald (12/09/01)
  • Re: Anonymous FTP annoyance John Sage (12/09/01)
  • RE: Anonymous FTP annoyance Bryan Smith (12/10/01)
• 6112/TCP scans Paul Dokas (12/07/01)
  • Re: 6112/TCP scans dewt (12/08/01)
    • Re: 6112/TCP scans Paul Dokas (12/11/01)
      • Re: 6112/TCP scans Neil Long (12/11/01)
      • Re: 6112/TCP scans Paul Dokas (12/12/01)
• Port 113 requests? Michael Ward (12/06/01)
  • Re: Port 113 requests? Chris Wilkes (12/06/01)
  • Re: Port 113 requests? Ryan Russell (12/06/01)
    • Re: Port 113 requests? Helmut Springer (12/07/01)
    • Re: Port 113 requests? Valdis.Kletnieks@vt.edu (12/07/01)
      • Re: Port 113 requests? Ryan Russell (12/07/01)
  • RE: Port 113 requests? Slighter, Tim (12/06/01)
    • RE: Port 113 requests? Ryan McDonnell (12/07/01)
    • RE: Port 113 requests? Andrew Leonard (12/07/01)
      • RE: Port 113 requests? Todd Suiter (12/07/01)
      • Re: Port 113 requests? Helmut Springer (12/07/01)
    • Re: Port 113 requests? Crist J . Clark (12/07/01)
      • Re: Port 113 requests? Greg A. Woods (12/07/01)
    • Re: Port 113 requests? Paul Cardon (12/07/01)
    • Re: Port 113 requests? Mike Meredith (12/07/01)
    • RE: Port 113 requests? Tony Gale (12/07/01)
    • Re: Port 113 requests? Florian Weimer (12/07/01)
    • Re: Port 113 requests? Alexander Bochmann (12/07/01)
    • Re: Port 113 requests? Patrick Patterson (12/07/01)
    • Re: Port 113 requests? Paul Gear (12/07/01)
      • Thread "Port 113 requests?" Mario van Velzen (12/08/01)
    • Re: Port 113 requests? Valdis.Kletnieks@vt.edu (12/06/01)
  • RE: Port 113 requests? Chris Keladis (12/07/01)
    • RE: Port 113 requests? Jose Nazario (12/07/01)
      • RE: Port 113 requests? Steve Stearns (12/07/01)
  • RE: Port 113 requests? Brian Cervenka (12/07/01)
• norton AV host discovery scan Ian Melven (12/06/01)
  • Re: norton AV host discovery scan FatFinger (12/08/01)
• Gone Worm Andrew Blevins (12/05/01)
  • RE: Gone Worm Chris Eidem (12/05/01)
  • RE: Gone Worm Michael Garafola (12/06/01)
• RE: New version of SirCam ===w32Goner David Brown (12/04/01)
• slowish ssh scan from 149.69.85.65 Russell Fulton (12/05/01)
  • Re: slowish ssh scan from 149.69.85.65 Nate Campi (12/05/01)
    • Re: slowish ssh scan from 149.69.85.65 Andreas Östling (12/05/01)
  • Re: slowish ssh scan from 149.69.85.65 Glenn Forbes Fleming Larratt (12/05/01)
    • Re: slowish ssh scan from 149.69.85.65 Jim Watt (12/05/01)
• New version of SirCam? Joao Gouveia (12/04/01)
  • RE: New version of SirCam? hpierce@ned.ara.com (12/04/01)
  • Re: New version of SirCam ===w32Goner Seth Leone (12/04/01)
• Honeynet Research Alliance Lance Spitzner (12/04/01)
• Network 195.70.202.0/24 is hacker-freindly Pavel Lozhkin (12/03/01)
  • RE: Network 195.70.202.0/24 is hacker-freindly Boyan Krosnov (12/04/01)
    • Re: Network 195.70.202.0/24 is hacker-freindly Mike Lewinski (12/04/01)
  • Re: Network 195.70.202.0/24 is hacker-freindly Yaakov Yehudi (12/04/01)
  • Re: Network 195.70.202.0/24 is hacker-freindly Pavel Lozhkin (12/04/01)
  • RE: Network 195.70.202.0/24 is hacker-freindly Justin Silles (12/04/01)
  • Re: Network 195.70.202.0/24 is hacker-freindly Nissa Moore - ISSM (12/05/01)
  • Re: Network 195.70.202.0/24 is hacker-freindly Thierry Zoller (12/05/01)
• why the nimda upsurge again? Jose Nazario (12/03/01)
  • Re: why the nimda upsurge again? Dug Song (12/04/01)
    • Re: why the nimda upsurge again? Jose Nazario (12/04/01)
  • RE: why the nimda upsurge again? James (12/04/01)
• RE: Code Red -- AGAIN?!? Reeves, Michael (GEAE, Compaq) (12/03/01)
• linux 'zoot' rootkit/DoSkit/etc James W. Abendschan (12/03/01)
  • Re: linux 'zoot' rootkit/DoSkit/etc Konrad Rieck (12/03/01)
    • Re: linux 'zoot' rootkit/DoSkit/etc James W. Abendschan (12/05/01)
  • Re: linux 'zoot' rootkit/DoSkit/etc Fredrik Ostergren (12/05/01)
  • Re: linux 'zoot' rootkit/DoSkit/etc James W. Abendschan (12/05/01)
• Attacks against SSH? johan.augustsson@adm.gu.se (12/03/01)
  • Re: Attacks against SSH? Aaron Schultz (12/03/01)
  • Re: Attacks against SSH? f.johan.beisser (12/03/01)
    • Re: Attacks against SSH? johan.augustsson@adm.gu.se (12/04/01)
      • Re: Attacks against SSH? Jordan K Wiens (12/04/01)
    • Re: Attacks against SSH? Dave Dittrich (12/04/01)
      • Re: Attacks against SSH? Jason Baker (12/04/01)
      • Re: Attacks against SSH? Michal Zalewski (12/04/01)
      • Re: Attacks against SSH? Russell Fulton (12/05/01)
      • Re: Attacks against SSH? Przemyslaw Frasunek (12/05/01)
    • Re: Attacks against SSH? Jason Robertson (12/03/01)
      • Re: Attacks against SSH? f.johan.beisser (12/03/01)
      • SSH1 CRC32 Compensation Attacks Armando B. Ortiz (12/09/01)
      • Re: SSH1 CRC32 Compensation Attacks Andreas Östling (12/10/01)
      • Re: SSH1 CRC32 Compensation Attacks Armando Ortiz (12/10/01)
    • Re: Attacks against SSH? Florian Weimer (12/04/01)
  • Re: Attacks against SSH? Armando B. Ortiz (12/03/01)
    • Re: Attacks against SSH? Steven S (12/03/01)
    • Re: Attacks against SSH? Adam Manock (12/03/01)
  • Re: Attacks against SSH? Andreas Wiesmann (12/03/01)
  • Re: Attacks against SSH? Cy Schubert - ITSD Open Systems Group (12/03/01)
  • RE: Attacks against SSH? CHURCH,GENO (Non-HP-USA,ex1) (12/04/01)
  • Re: Attacks against SSH? Russell Fulton (12/05/01)
    • Re: Attacks against SSH? David Chin (12/05/01)
  • Re: Attacks against SSH? Skip Carter (12/05/01)
  • Re: Attacks against SSH? johan.augustsson@adm.gu.se (12/06/01)
  • Re: Attacks against SSH? Skip Carter (12/06/01)
• RE: Strange Web requests. Geoffrey King (12/01/01)
• RE: Proxy Scans to dial up hosts... Ascent - Compton, Richard (11/30/01)
• Re: Proxy Scans to dial up hosts... Bill_Royds@pch.gc.ca (11/30/01)
• Re: solaris nscd cores mikeDOTd (12/01/01)
  • Re: solaris nscd cores Greg A. Woods (12/02/01)
    • Re: solaris nscd cores Fyodor (12/02/01)
  • Re: solaris nscd cores j.e.r.k. ROCKS (12/04/01)
  • Re: solaris nscd cores j.e.r.k. ROCKS (12/04/01)
• Re: Code Red -- AGAIN?!? Eric Hall (11/30/01)
• Re: Re[2]: Strange Traffic.. Markus Stumpf (11/30/01)
• Re: Proxy Scans to dail up hosts... Dave Mitchell (11/30/01)

Last message date: 12/31/01
Archived on: 12/31/01 CET

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint