SecurityFocus Incidents
By Thread

210 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 01/02/02
Ending: 01/31/02

• RE: DDoS to microsoft sites (? avenues of attack!) Eaton, Arthur (01/31/02)
• [Unusual Network_scan[tcp-6267]] Russell Fulton (01/31/02)
• New Virus/Worm - Frontpage? Clinton Smith (01/31/02)
• suspicious packets Michael Anuzis (01/31/02)
• Apache 1.3.XX John (01/31/02)
  • Re: Apache 1.3.XX Russell Fulton (01/31/02)
• Odd scan Fulton L. Preston Jr. (01/30/02)
  • RE: Odd scan dlaumann@suntzu.net (01/30/02)
  • Re: Odd scan sgtphou@fire-eyes.yi.org (01/30/02)
• DDoS to microsoft sites Mike Lewinski (01/30/02)
  • RE: DDoS to microsoft sites John Campbell (01/30/02)
  • Re: DDoS to microsoft sites Bronek Kozicki (01/30/02)
    • Re: DDoS to microsoft sites Mike Lewinski (01/30/02)
  • Re: DDoS to microsoft sites Hugo van der Kooij (01/30/02)
  • RE: DDoS to microsoft sites Adcock, Matt (01/30/02)
    • RE: DDoS to microsoft sites H C (01/30/02)
    • RE: DDoS to microsoft sites Jason Robertson (01/31/02)
  • RE: DDoS to microsoft sites Adcock, Matt (01/30/02)
    • RE: DDoS to microsoft sites Dave Ockwell-Jenner (01/30/02)
  • Re: Re: DDoS to microsoft sites Mike Lewinski (01/31/02)
• UDP port 500 traffic from two clients Chris Wilkes (01/28/02)
  • Re: UDP port 500 traffic from two clients Glen Mehn (01/28/02)
  • RE: UDP port 500 traffic from two clients McCammon, Keith (01/28/02)
  • Re: UDP port 500 traffic from two clients Gary Flynn (01/28/02)
    • Re: UDP port 500 traffic from two clients Hugo van der Kooij (01/28/02)
  • RE: UDP port 500 traffic from two clients Toni Heinonen (01/28/02)
    • RE: UDP port 500 traffic from two clients Greg A. Woods (01/29/02)
      • RE: UDP port 500 traffic from two clients Fernando Cardoso (01/29/02)
      • RE: UDP port 500 traffic from two clients Greg A. Woods (01/29/02)
• Lots of scans by SSH-1.0-SSH_Version_Mapper Blake R. Swopes (01/28/02)
• is this enumeration? Ronneil Camara (01/28/02)
• Honeypot challenge you've probably already heard about Mark Symonds (01/27/02)
• DDoS help! Sebastian Ip (01/26/02)
• Strings of 'EEEE' in pings... Peter Bates (01/25/02)
  • Re: Strings of 'EEEE' in pings... Chris Keladis (01/25/02)
  • RE: Strings of 'EEEE' in pings... dlaumann@suntzu.net (01/26/02)
• port 22224?? What the heck Gary Baribault (01/25/02)
  • Re: port 22224?? What the heck John Campbell (01/25/02)
    • Re: port 22224?? What the heck Baribault, Gary (01/26/02)
• DDoS attack. Daniel F. Chief Security Engineer - (01/25/02)
  • Re: DDoS attack. Glenn Forbes Fleming Larratt (01/25/02)
    • Re: DDoS attack. Daniel F. Chief Security Engineer - (01/25/02)
  • Re: DDoS attack. Neil Dickey (01/25/02)
  • RE: DDoS attack. Boyan Krosnov (01/25/02)
  • Re: DDoS attack. Bugtraq Mailing Lists (01/27/02)
    • Re: DDoS attack. Stanislav N. Vardomskiy (01/28/02)
      • Re: DDoS attack. Patrick Oonk (01/28/02)
    • Re: DDoS attack. Wichert Akkerman (01/28/02)
• Odd string in packet... Grimes, Shawn (NIA/IRP) (01/25/02)
  • Re: Odd string in packet... Frank de Lange (01/25/02)
    • Re: Odd string in packet... Nick FitzGerald (01/26/02)
• xsf/xchk Vladimir Ivaschenko (01/22/02)
  • optic rootkit (was Re: xsf/xchk) Vladimir Ivaschenko (01/22/02)
    • RPC EXPLOIT statdx John Stauffacher (01/23/02)
      • Re: RPC EXPLOIT statdx Brian (01/23/02)
• shaft client to handler? Kyle R Maxwell (01/22/02)
  • Re: shaft client to handler? Jose Nazario (01/22/02)
  • Re: shaft client to handler? Neil Dickey (01/22/02)
• Panz root kit quentyn@fotango.com (01/21/02)
  • Re: Panz root kit Andrew Simmons (01/24/02)
• dtspcd compromises Russell Fulton (01/21/02)
  • RE: dtspcd compromises Russell Fulton (01/21/02)
• Odd connection attempts from many addresses John Bland (01/19/02)
  • Re: Odd connection attempts from many addresses James Hoagland (01/25/02)
    • Re: Odd connection attempts from many addresses John Bland (01/25/02)
• dtspcd probes toward Solaris machines Scott Fendley (01/18/02)
  • RE: dtspcd probes toward Solaris machines James C. Slora Jr. (01/18/02)
    • Re: dtspcd probes toward Solaris machines Skip Carter (01/18/02)
  • Re: dtspcd probes toward Solaris machines Lance Spitzner (01/18/02)
    • Re: dtspcd probes toward Solaris machines Nathan W. Labadie (01/18/02)
• FW: Hack - DNS cache poisoning resurfacing on MS DNS? Vidovic,Zvonimir,VEVEY,GL-IS/CIS (01/17/02)
  • Re: FW: Hack - DNS cache poisoning resurfacing on MS DNS? David Ulevitch (01/17/02)
• Comcast.net abuse contact? root@physiometrics.net (01/16/02)
  • RE: Comcast.net abuse contact? Mike Healy (01/16/02)
  • RE: Comcast.net abuse contact? Misechok Mike J (01/16/02)
  • Re: Comcast.net abuse contact? Chris Wilkes (01/16/02)
    • Re: Comcast.net abuse contact? Tom Laermans (01/16/02)
  • RE: Comcast.net abuse contact? Mike Healy (01/17/02)
• Trojans that use LDAP Gary Porter (01/15/02)
  • Re: Trojans that use LDAP Patrick Patterson (01/15/02)
  • Re: Trojans that use LDAP Hugo van der Kooij (01/16/02)
  • Re: Trojans that use LDAP GeekSpooky@aol.com (01/17/02)
  • Re: Trojans that use LDAP Kevin.Reardon@oracle.com (01/18/02)
    • Re: Trojans that use LDAP Stephen (01/19/02)
• Connection Attempts Jeremy Hoover (01/14/02)
  • Re: Connection Attempts Anders Thulin (01/15/02)
  • Re: Connection Attempts Andrew Simmons (01/15/02)
  • Re: Connection Attempts Kevin.Reardon@oracle.com (01/15/02)
• Matt Wright FormMail Attacks Dmitri Smirnov (01/13/02)
  • RE: Matt Wright FormMail Attacks Turner, Keith (01/14/02)
    • RE: Matt Wright FormMail Attacks Christopher X. Candreva (01/14/02)
    • RE: Matt Wright FormMail Attacks Jose Nazario (01/14/02)
  • Re: Matt Wright FormMail Attacks Mike Lewinski (01/14/02)
    • Re: Matt Wright FormMail Attacks Jose Nazario (01/14/02)
  • Re: Matt Wright FormMail Attacks jlewis@lewis.org (01/14/02)
  • RE: Matt Wright FormMail Attacks Pence, Derek A. (01/14/02)
    • Re: Matt Wright FormMail Attacks Brannon (01/14/02)
    • Re: Matt Wright FormMail Attacks Markus Stumpf (01/16/02)
  • Re: Matt Wright FormMail Attacks Michael Hottinger (01/15/02)
• nasty tripwire report Chester Jankowski (01/13/02)
  • Re: nasty tripwire report Gideon Lenkey (01/14/02)
    • Re: nasty tripwire report Patrick (01/15/02)
  • Re: nasty tripwire report David Worth (01/16/02)
• Strange traffic... John Oliver (01/11/02)
  • Re: Strange traffic... Mark Tinberg (01/12/02)
• New DNS connection with SYN ACK Jerry Perser (01/11/02)
  • Re: New DNS connection with SYN ACK Richard Arends (01/11/02)
    • Re: New DNS connection with SYN ACK Nick Drage (01/14/02)
      • Re: New DNS connection with SYN ACK Patrick Benson (01/14/02)
  • RE: New DNS connection with SYN ACK Dan Hawrylkiw (01/13/02)
    • RE: New DNS connection with SYN ACK Jason Dixon (01/14/02)
      • Re: New DNS connection with SYN ACK John Hall (01/15/02)
    • Unusual DNS requests (not related to previous DNS thread) measl@mfn.org (01/15/02)
      • Re: Unusual DNS requests (not related to previous DNS thread) Ryan Russell (01/15/02)
      • Re: Unusual DNS requests (not related to previous DNS thread) measl@mfn.org (01/18/02)
      • Re: Unusual DNS requests (not related to previous DNS thread) Greg A. Woods (01/18/02)
      • Re: Unusual DNS requests (not related to previous DNS thread) Greg A. Woods (01/15/02)
  • RE: New DNS connection with SYN ACK Cloppert, Michael (01/14/02)
    • Re: New DNS connection with SYN ACK RainbowHat (01/15/02)
  • RE: New DNS connection with SYN ACK Keith T. Morgan (01/14/02)
• Trying to identify UDP DOS/Flood tool Johan Augustsson (01/11/02)
• ld.so.preload Root Kit Gideon Lenkey (01/11/02)
• Windows XP - Still has a Windows NT4 DoS hangover? Bob Fryer (01/11/02)
• Re(2): new codered worm penetrates content-filtering Ken Eichman (01/10/02)
  • Re: Re(2): new codered worm penetrates content-filtering Ryan Russell (01/10/02)
• new codered worm penetrates content-filtering Chris Russel (01/10/02)
  • Re: new codered worm penetrates content-filtering Ryan Russell (01/10/02)
  • RE: new codered worm penetrates content-filtering Shackleford, Dave (01/10/02)
  • Re: new codered worm penetrates content-filtering Chris Russel (01/10/02)
    • Re: new codered worm penetrates content-filtering Michael H. Warfield (01/10/02)
  • RE: new codered worm penetrates content-filtering Robert Gile @Agoura (01/10/02)
  • Re: new codered worm penetrates content-filtering Ryan Russell (01/10/02)
    • Re: new codered worm penetrates content-filtering Nick FitzGerald (01/11/02)
      • Re: new codered worm penetrates content-filtering Ryan Russell (01/11/02)
      • Re: new codered worm penetrates content-filtering Ryan Russell (01/11/02)
• Remote Shell Trojan b Qualys, Inc. (01/10/02)
• Re: [Think I've got trouble] Greg Dotoli (01/09/02)
• Think I've got trouble Katherine Ogden (01/09/02)
  • Re: Think I've got trouble Hugo van der Kooij (01/09/02)
  • RE: Think I've got trouble Andrew Blevins (01/09/02)
  • Re: Think I've got trouble Nexus (01/09/02)
  • RE: Think I've got trouble Frank Knobbe (01/10/02)
• Name that Trojan Nutcase_69 (01/09/02)
  • Re: Name that Trojan Hugo van der Kooij (01/09/02)
  • Re: Name that Trojan Blake Frantz (01/09/02)
  • RE: Name that Trojan Kester, Kelly (01/09/02)
  • RE: Name that Trojan Michael Ward (01/09/02)
• Machine compromised Jan van Rensburg (01/09/02)
  • RE: Machine compromised dlaumann@suntzu.net (01/09/02)
  • Re: Machine compromised Gamble (01/09/02)
  • Re: Machine compromised Petrus Repo (01/09/02)
  • Re: Machine compromised Jan van Rensburg (01/15/02)
• Large ICMP Packets with strange payload Brennan Bakke (01/09/02)
  • Re: Large ICMP Packets with strange payload Eric Landuyt (01/09/02)
    • Re: Large ICMP Packets with strange payload Russell Fulton (01/09/02)
• Attacking every host in the path? Mike Lewinski (01/09/02)
  • Re: Attacking every host in the path? Bugtraq Mailing Lists (01/09/02)
    • Re: Attacking every host in the path? Gamble (01/09/02)
• how often do 0-days REALLY happen? leon (01/09/02)
  • Re: how often do 0-days REALLY happen? Greg Francis (01/09/02)
  • Re: how often do 0-days REALLY happen? Ryan Russell (01/09/02)
  • Re: how often do 0-days REALLY happen? Michal Zalewski (01/09/02)
  • RE: how often do 0-days REALLY happen? leon (01/09/02)
  • Re: how often do 0-days REALLY happen? Gamble (01/09/02)
  • RE: how often do 0-days REALLY happen? Ofir Arkin (01/09/02)
  • Re: how often do 0-days REALLY happen? Randy Taylor (01/09/02)
• unidentified DNS attack David Wilburn (01/08/02)
  • Re: unidentified DNS attack quentyn@fotango.com (01/09/02)
• port 20480 Calhoun, Heath (01/08/02)
• Attacks against IIS servers using ServU FTP Torbjorn Wictorin (01/08/02)
  • Re: Attacks against IIS servers using ServU FTP Matt Scarborough (01/09/02)
• Strange connection attempts Andrea Efstathiou (01/07/02)
  • RE: Strange connection attempts Cloppert, Michael (01/08/02)
• Spoofed scans Richard Arends (01/06/02)
  • Re: Spoofed scans James (01/07/02)
    • RE: Spoofed scans Philip Wagenaar (01/07/02)
      • Re: Spoofed scans James (01/07/02)
      • Re: Spoofed scans Will Aoki (01/07/02)
    • RE: Spoofed scans Bojan Zdrnja (01/07/02)
  • Re: Spoofed scans Gideon Lenkey (01/07/02)
  • Re: Spoofed scans Crist J. Clark (01/07/02)
    • Re: Spoofed scans Richard Arends (01/07/02)
  • RE: Spoofed scans Paul M. Tiedemann (01/08/02)
    • Re: Spoofed scans Dave Ryan (01/08/02)
    • RE: Spoofed scans Gideon Lenkey (01/08/02)
  • RE: Spoofed scans Joshua Wright (01/09/02)
    • RE: Spoofed scans Jose Nazario (01/09/02)
• Monkeybrains.net and badtrans compromise information Joe-Clifton (01/04/02)
  • RE: Monkeybrains.net and badtrans compromise information Ken Pfeil (01/04/02)
  • RE: Monkeybrains.net and badtrans compromise information Williams Jon (01/04/02)
  • RE: Monkeybrains.net and badtrans compromise information van Wyk, Ken (01/04/02)
    • RE: Monkeybrains.net and badtrans compromise information Ken Pfeil (01/04/02)
      • RE: Monkeybrains.net and badtrans compromise information Michael Graham (01/04/02)
  • RE: Monkeybrains.net and badtrans compromise information Slighter, Tim (01/04/02)
    • RE: Monkeybrains.net and badtrans compromise information Nick FitzGerald (01/05/02)
  • RE: Monkeybrains.net and badtrans compromise information Brian McWilliams (01/04/02)
• Dead Thread - Microsoft's Early Xmas Present. Jensenne Roculan (01/03/02)
• RE: Microsoft's Early Xmas Present. Cloppert, Michael (01/03/02)
  • RE: Microsoft's Early Xmas Present. H C (01/03/02)
    • Re: Microsoft's Early Xmas Present. Valdis.Kletnieks@vt.edu (01/03/02)
    • RE: Microsoft's Early Xmas Present. Eric Jon Rostetter (01/03/02)
      • RE: Microsoft's Early Xmas Present. H C (01/03/02)
• Re: Microsoft's Early Xmas Present. Devdas Bhagat (01/02/02)
  • Re: Microsoft's Early Xmas Present. Steve Stearns (01/02/02)
    • Re: Microsoft's Early Xmas Present. John Sage (01/03/02)
      • Re: Microsoft's Early Xmas Present. Brett Glass (01/03/02)
  • Re: Microsoft's Early Xmas Present. David Kennedy CISSP (01/03/02)
    • Re: Microsoft's Early Xmas Present. Ryan Russell (01/03/02)
• ARIS Users Please Read - Upgrade Required Alfred Huger (01/02/02)
• blackshell tool1: SSHD vulnerability scanner blackshell@hushmail.com (01/01/02)

Last message date: 01/31/02
Archived on: 01/31/02 CET

---

210 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-01