SecurityFocus Incidents
By Thread

195 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 06/01/02
Ending: 06/29/02

• EarlyBird for Other Attacks? gs-list (06/28/02)
  • Re: EarlyBird for Other Attacks? Hugo van der Kooij (06/29/02)
• Textbook CodeRed v2 Caught By Snort Jeremy Junginger (06/28/02)
  • Re: Textbook CodeRed v2 Caught By Snort Ryan Russell (06/28/02)
  • Re: Textbook CodeRed v2 Caught By Snort Nick FitzGerald (06/29/02)
• FW: Apache worm in the wild suniljames@hotmail.com (06/28/02)
  • Re: FW: Apache worm in the wild Skip Carter (06/28/02)
• unexplained port 524 probes payload "cko" Fragga (06/28/02)
• 33 character encrypted passwords in /etc/shadow Mike Denka (06/28/02)
  • Re: 33 character encrypted passwords in /etc/shadow zeno (06/28/02)
  • Re: 33 character encrypted passwords in /etc/shadow Ben Boulanger (06/28/02)
  • Re: 33 character encrypted passwords in /etc/shadow Stephen Smoogen (06/28/02)
  • FW: 33 character encrypted passwords in /etc/shadow Mike Denka (06/28/02)
    • Re: FW: 33 character encrypted passwords in /etc/shadow Paul Gear (06/29/02)
• win2k server issue RUSSELL T. LEWIS (06/27/02)
  • Re: win2k server issue H C (06/28/02)
  • RE: win2k server issue McCammon, Keith (06/28/02)
  • RE: win2k server issue Kit (06/28/02)
• Apache goes berserk Brett Glass (06/27/02)
  • Re: Apache goes berserk Tobias Rosenstock (06/27/02)
  • Re: Apache goes berserk Brett Glass (06/27/02)
• Fw: [PHP-DEV] Fw: PHP content-disposition vuln Peter Petermann (06/27/02)
• UAAC Protocol ? Clarke, Suzy (06/26/02)
• Dead Thread - Backdoor Jensenne Roculan (06/26/02)
• Am i compromised? Paul Gear (06/26/02)
  • Re: Am i compromised? Sergey Latkin (06/27/02)
• Someone looking for CodeRed infected boxes ? Maxime Ducharme (06/26/02)
  • Re: Someone looking for CodeRed infected boxes ? Cliff Albert (06/27/02)
    • Re: Someone looking for CodeRed infected boxes ? Joao Gouveia (06/28/02)
      • Re: Someone looking for CodeRed infected boxes ? Maxime Ducharme (06/28/02)
• spoofed packets to RFC 1918 addresses Dirk Koopman (06/26/02)
  • Re: spoofed packets to RFC 1918 addresses measl@mfn.org (06/27/02)
  • RE: spoofed packets to RFC 1918 addresses Kent Hundley (06/27/02)
    • Re: spoofed packets to RFC 1918 addresses Barry Irwin (06/28/02)
  • Re: spoofed packets to RFC 1918 addresses Daniel Polombo (06/27/02)
  • Re: spoofed packets to RFC 1918 addresses jon schatz (06/27/02)
  • Re: spoofed packets to RFC 1918 addresses Robert E. Lee (06/27/02)
  • RE: spoofed packets to RFC 1918 addresses Shane Carroll (06/27/02)
  • Fw: spoofed packets to RFC 1918 addresses HggdH (06/28/02)
  • RE: spoofed packets to RFC 1918 addresses Sterling, Chuck (06/28/02)
  • RE: spoofed packets to RFC 1918 addresses Keith T. Morgan (06/28/02)
• URGENT! gamespy download infected with Nimda lsi (06/26/02)
  • RE: URGENT! gamespy download infected with Nimda Karen Cobb (06/26/02)
• PHP content-disposition vuln Roland von Herget (06/25/02)
  • RE: PHP content-disposition vuln Stefan Esser (06/27/02)
• zero tcp offset packets sent to a honeypot Costas Karafasoulis (06/25/02)
• Broken mailservers Hugo van der Kooij (06/24/02)
• Re: [incidents] Re: backdoor Jonas M Luster (06/24/02)
  • RE: [incidents] Re: backdoor Don Weber (06/25/02)
    • RE: [incidents] Re: backdoor Dial Joe (06/25/02)
• Honeynet Project - The Reverse Challenge Lance Spitzner (06/24/02)
• ZOMBIES_HTTP_GET Kee Hinckley (06/23/02)
  • Re: ZOMBIES_HTTP_GET Patrick Oonk (06/24/02)
• backdoor Fabio Miranda (06/23/02)
  • Re: backdoor steveg (06/23/02)
    • Re: backdoor Ken Fischer (06/24/02)
  • RE: backdoor Rob Keown (06/23/02)
  • Re: backdoor Hugo van der Kooij (06/23/02)
    • Re: backdoor Jonas M Luster (06/23/02)
      • Re: backdoor Kyle R. Hofmann (06/24/02)
    • Re: backdoor Mike Lewinski (06/23/02)
      • Re: backdoor Eric Rostetter (06/24/02)
  • Re: backdoor Jonas M Luster (06/24/02)
    • Re: backdoor Greg A. Woods (06/25/02)
    • Re: backdoor Hugo van der Kooij (06/25/02)
  • Re: backdoor Christopher L Calvert (06/24/02)
    • Re: backdoor Valdis.Kletnieks@vt.edu (06/25/02)
  • RE: backdoor Liam Grant (06/25/02)
• Unusual proxy port scan Bill Royds (06/23/02)
  • RE: Unusual proxy port scan Bill Royds (06/23/02)
    • Re: Unusual proxy port scan James Sneeringer (06/26/02)
  • RE: Unusual proxy port scan Jim Harrison (SPG) (06/24/02)
• Re: Ending a few arguments with one simple attachment. KF (06/27/02)
• port 32814 Brian Collins (06/22/02)
  • Re: SQL port probe repeats Harlan S. Barney, Jr. (06/23/02)
    • Re: SQL port probe repeats David Barnett (06/23/02)
• Re: Worm1800.exe on UnderNet modem modem (06/22/02)
• Analyse Worm18000 Wesley (06/22/02)
• ICMP type 12 packets Marcus Nelson (06/21/02)
  • RE: ICMP type 12 packets Jim Harrison (SPG) (06/21/02)
  • Re: ICMP type 12 packets Thomas Springer (06/21/02)
• Worm1800.exe on UnderNet? cw (06/20/02)
  • RE: Worm1800.exe on UnderNet? Darren Windham (06/20/02)
  • Re: Worm1800.exe on UnderNet? Alex Lambert (06/20/02)
  • Re: Worm1800.exe on UnderNet? Jean-Luc (06/20/02)
    • Re: Worm1800.exe on UnderNet? Ryan Russell (06/20/02)
  • Re: Worm1800.exe on UnderNet? Kelly Brown (06/21/02)
    • Re: Worm1800.exe on UnderNet? K. Graham (06/21/02)
    • Re: Worm1800.exe on UnderNet? bonk@webchat.chatsystems.com (06/21/02)
    • FollowUp: Worm1800.exe on UnderNet? cw (06/21/02)
      • Re: FollowUp: Worm1800.exe on UnderNet? Ryan Russell (06/21/02)
• Port 4927 traffic spike joe@beq.ca (06/20/02)
  • Re: Port 4927 traffic spike H C (06/20/02)
• Strange web vulnerability scanner Joao Gouveia (06/20/02)
  • Re: Strange web vulnerability scanner Jorge Silva (06/20/02)
• automatic hacking tool for IIS? Matt Andreko (06/19/02)
  • Re: automatic hacking tool for IIS? Patrick Andry (06/19/02)
• ICMP Destination Unreachable in SNORT Grimes, Shawn (NIA/IRP) (06/19/02)
  • RE: ICMP Destination Unreachable in SNORT Robert Buckley (06/19/02)
• DOS by Flooding a Network Richard Ginski (06/17/02)
  • Re: DOS by Flooding a Network jlewis@lewis.org (06/17/02)
    • New script-kiddie looking scan Jeff Kell (06/18/02)
      • Re: New script-kiddie looking scan Jeff Kell (06/18/02)
      • Re: New script-kiddie looking scan Michael H. Warfield (06/18/02)
      • Re: New script-kiddie looking scan Barry Kostjens (06/19/02)
      • Re: New script-kiddie looking scan Luis Bruno (06/18/02)
      • Re: New script-kiddie looking scan zeno (06/18/02)
      • Re: New script-kiddie looking scan Chris Ess (06/19/02)
      • Re: New script-kiddie looking scan Alain Fauconnet (06/19/02)
      • Re: New script-kiddie looking scan Steffen Dettmer (06/19/02)
      • Re: New script-kiddie looking scan Russell Fulton (06/18/02)
      • RE: New script-kiddie looking scan Mike Ciavarella (06/19/02)
      • RE: New script-kiddie looking scan David Jacoby (06/19/02)
  • Re: DOS by Flooding a Network Skip Carter (06/18/02)
  • Re: DOS by Flooding a Network W.G. Iyer (06/18/02)
    • Re: DOS by Flooding a Network Vitaly Osipov (06/18/02)
  • Re: DOS by Flooding a Network Richard Ginski (06/18/02)
  • RE: DOS by Flooding a Network Mike Hrubes (06/18/02)
  • RE: DOS by Flooding a Network David Vincent (06/18/02)
• Distributed ICMP/UDP scan or attack? Jason Dixon (06/16/02)
  • Re: Distributed ICMP/UDP scan or attack? J Jewitt (06/17/02)
  • RE: Distributed ICMP/UDP scan or attack? Edward Beheler (06/17/02)
  • RE: Distributed ICMP/UDP scan or attack? Boyan Krosnov (06/17/02)
• RE: [logs] nimda web server logs Baklarz, Ron (06/13/02)
• remote openssh probe or crack?. Lic. Rodolfo Gonzalez Gonzalez (06/13/02)
  • Re: remote openssh probe or crack?. Josha Bronson (06/13/02)
  • Odd traffic on port 7002 need help figuring it out. steveg (06/13/02)
    • Re: Odd traffic on port 7002 need help figuring it out. nito (06/14/02)
      • Re: Odd traffic on port 7002 need help figuring it out. steveg (06/14/02)
  • Re: remote openssh probe or crack?. Justin Coffey (06/13/02)
  • Re: remote openssh probe or crack?. Oblek (06/13/02)
  • Re: remote openssh probe or crack?. Skip Carter (06/13/02)
    • Re: remote openssh probe or crack?. Nate Campi (06/13/02)
  • Re: remote openssh probe or crack?. woof@droopy.2y.net (06/13/02)
  • Re: remote openssh probe or crack?. Christian Vogel (06/13/02)
  • Re: remote openssh probe or crack?. m@rl206.org (06/13/02)
    • Re: remote openssh probe or crack?. Rich Henning (06/14/02)
    • Re: remote openssh probe or crack?. gabriel rosenkoetter (06/14/02)
• DSL Modem or Router Cracked? Klepinger, Aaron (06/12/02)
  • Re: DSL Modem or Router Cracked? Ian Reynolds (06/13/02)
  • RE: DSL Modem or Router Cracked? NESTING, DAVID M (SBCSI) (06/13/02)
  • RE: DSL Modem or Router Cracked? Klepinger, Aaron (06/13/02)
    • RE: DSL Modem or Router Cracked? Ryan Russell (06/13/02)
  • RE: DSL Modem or Router Cracked? Robert Starliper (06/14/02)
  • Re: DSL Modem or Router Cracked? HggdH (06/13/02)
  • Re: [logs] nimda web server logs Lewis E. Wolfgang (06/13/02)
  • Re: [logs] nimda web server logs quentyn@fotango.com (06/13/02)
• Spooky traffic from a loopback address? Clinton Smith (06/11/02)
  • Re: Spooky traffic from a loopback address? gabriel rosenkoetter (06/13/02)
• Dial-Up Percentage Abuse Chris (06/07/02)
  • RE: Dial-Up Percentage Abuse Rob Keown (06/07/02)
  • Re: Dial-Up Percentage Abuse Valdis.Kletnieks@vt.edu (06/07/02)
  • Re: Dial-Up Percentage Abuse measl@mfn.org (06/07/02)
  • Re: Dial-Up Percentage Abuse Nathan Vack (06/07/02)
    • Re: Dial-Up Percentage Abuse Rob Shein (06/07/02)
  • Re: Dial-Up Percentage Abuse Chris (06/07/02)
• Strange IIS Pattern... Antonio Stano (06/05/02)
  • RE: Strange IIS Pattern... Mark L. Jackson (06/05/02)
• increase of scans against port 1524 High Speed (06/05/02)
  • RE: increase of scans against port 1524 Foster, Belinda (06/05/02)
  • Re: increase of scans against port 1524 Joe Matusiewicz (06/05/02)
  • Re: increase of scans against port 1524 GrdnWsl (06/05/02)
    • Re: increase of scans against port 1524 Drew Schaffner (06/05/02)
  • Re: increase of scans against port 1524 Michael Katz (06/05/02)
  • RE: increase of scans against port 1524 Antonio Montes (06/05/02)
  • Re: increase of scans against port 1524 gminick (06/05/02)
  • Re: increase of scans against port 1524 gminick (06/05/02)
  • Re: increase of scans against port 1524 Lance Spitzner (06/05/02)
  • Re: increase of scans against port 1524 Steven M. Christey (06/07/02)
• [incident] IIS defacement through FTP, possible DoS Iain Craig (06/05/02)
  • Re: [incident] IIS defacement through FTP, possible DoS Jean-Luc (06/05/02)
  • Re: [incident] IIS defacement through FTP, possible DoS Matthew.Brown@predictive.com (06/05/02)
  • Re: [incident] IIS defacement through FTP, possible DoS Michael Katz (06/05/02)
  • Re: [incident] IIS defacement through FTP, possible DoS Muhammad Faisal Rauf Danka (06/05/02)
  • RE: [incident] IIS defacement through FTP, possible DoS Iain Craig (06/06/02)
    • Re: [incident] IIS defacement through FTP, possible DoS Patrick Andry (06/06/02)
• Corrupted pd.zip archive fixed H C (06/05/02)
• RE: Port 445 increase? [UPDATE] Mike Hrubes (06/04/02)
• New version of procdmp H C (06/04/02)
• Port 445 increase? Mike Hrubes (06/03/02)
  • Re: Port 445 increase? Baribault, Gary (06/04/02)
  • RE: Port 445 increase? Jim Harrison (SPG) (06/04/02)
  • Re: Port 445 increase? Muhammad Faisal Rauf Danka (06/04/02)
    • Re: Port 445 increase? Brian Collins (06/04/02)
  • Re: Port 445 increase? Eric Monti (06/06/02)
    • Re: Port 445 increase? Daniel Polombo (06/06/02)
• June Scan of the Month Challenge Roshen Chandran (06/03/02)
• scanning from WANADOO-CABLE-BD Hugo van der Kooij (06/02/02)
  • RE: scanning from WANADOO-CABLE-BD Jonkman, Matthew A. (06/03/02)
  • Re: scanning from WANADOO-CABLE-BD Jon Nelson (06/03/02)
    • Re: scanning from WANADOO-CABLE-BD Pieter-Bas IJdens (06/04/02)
    • Re: scanning from WANADOO-CABLE-BD Abhi (06/04/02)
  • RE: scanning from WANADOO-CABLE-BD NESTING, DAVID M (SBCSI) (06/03/02)
• Re: Application Scanning 1033/tcp? Ned Lowe (06/01/02)
  • Re: Application Scanning 1033/tcp? Muhammad Faisal Rauf Danka (06/01/02)

Last message date: 06/29/02
Archived on: 06/29/02 CEST

---

195 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-06