Re: FTP scans from wanadoo.fr

From: Glenn Forbes Fleming Larratt (glratt@io.com)
Date: 12/17/01 

Date: Mon, 17 Dec 2001 15:56:27 -0600 (CST)
From: Glenn Forbes Fleming Larratt <glratt@io.com>
To: <incidents@securityfocus.com>

Should this be forwarded directly to chris@ideacatchers.com, or
is there another point-of-contact?

Is the a limit of size? I've got a *lot* of logs (some 31 complaints,
answered only with an autoreply, since 1 Oct).

Please advise.

        -g

On Mon, 17 Dec 2001, Todd Suiter wrote:

> Here you go:
>
> From: Chris Reynolds [mailto:chris@ideacatchers.com]
> Sent: Friday, December 07, 2001 2:53 PM
> To: Intrusions List (E-mail)
> Subject: Wanadoo.fr Scans
>
>
> Hi all,
>
> Good news on the Wanadoo.fr front! Their upstream provider, Opentransit
> is
> now aware of the scope of the scanning activity from Wanadoo.fr network
> space and they have requested a list of source IPs involved in scanning
> and/or attacks. Opentransit has said that they will be escalating this
> issue
> with Wanadoo.fr management, and they need some data to go with it.
>
> Please forward any IDS or server logs showing Wanadoo.fr activity - the
> more
> source IPs we send them, the easier it will be for them to enact some
> positive change at Wanadoo.fr. We should be able to get this wrapped up
> very
> soon!
>
> Thanks,

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Quantcast