SecurityFocus Incidents
By Thread

165 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 07/01/02
Ending: 07/31/02

• Rating Attackers Toby Miller (07/31/02)
• RE: scanning for HTTP proxies, ports 80, 81, 1080, 3128, 4480, 65 88, 8000, 8080, 8081 Bukys, Liudvikas (07/29/02)
• Packet suckers? David Carmean (07/29/02)
• scanning for HTTP proxies, ports 80, 81, 1080, 3128, 4480, 6588, 8000, 8080, 8081 Bukys, Liudvikas (07/29/02)
  • Re: scanning for HTTP proxies, ports 80, 81, 1080, 3128, 4480, 6588, 8000, 8080, 8081 faded (07/29/02)
• observations on recent unicode attacks against IIS servers Russell Fulton (07/29/02)
• Compromized Windows NT machine? GabyHornik@lotus.iot.dtag.de (07/26/02)
  • Re: Compromized Windows NT machine? dbroggy@manageworx.com (07/26/02)
  • Re: Compromized Windows NT machine? Frank Knobbe (07/27/02)
• FireDaemon exploit - part 2 purdy@hushmail.com (07/25/02)
• Anyone know this rootkit (rootkits?) Steve Bougerolle (07/25/02)
  • Re: Anyone know this rootkit (rootkits?) SilentCreek (07/25/02)
  • Re: Anyone know this rootkit (rootkits?) Anton A. Chuvakin (07/26/02)
  • Re: Anyone know this rootkit (rootkits?) (details and files attached) Steve Bougerolle (07/26/02)
    • Re: Anyone know this rootkit (rootkits?) (details and files attached) steveg (07/27/02)
• Increasing compromises of NT servers with Serv-U and Unicode ? pj@esec.dk (07/25/02)
• Bind 9.2.X exploit??? ilker (07/25/02)
  • Re: Bind 9.2.X exploit??? Muhammad Faisal Rauf Danka (07/25/02)
    • Re: Bind 9.2.X exploit??? Sebastian (07/25/02)
  • Re: Bind 9.2.X exploit??? Patrick Andry (07/25/02)
    • Re: Bind 9.2.X exploit??? David Conrad (07/25/02)
    • Re: Bind 9.2.X exploit??? Jim Clausing (07/25/02)
      • Re: Bind 9.2.X exploit??? David Conrad (07/25/02)
      • Surge of attacks on ports 61127 & 61134 Joseph (07/25/02)
      • Re: Surge of attacks on ports 61127 & 61134 Joseph (07/26/02)
  • Re: Bind 9.2.X exploit??? Alexandru Balan (07/26/02)
    • Re: Bind 9.2.X exploit??? David Carmean (07/26/02)
• Dead Thread: China Experience? Jensenne Roculan (07/24/02)
• Unicode exploits with Serv-U marko.muncan.mm@bayer-ag.de (07/23/02)
• Scanning Port UDP 4668 Ken Grossman (07/22/02)
  • RE: Scanning Port UDP 4668 Lucas (07/22/02)
  • Re: Scanning Port UDP 4668 H C (07/22/02)
    • Re: Scanning Port UDP 4668 Vitaly Osipov (07/23/02)
      • Re: Scanning Port UDP 4668 H C (07/23/02)
  • Re: Scanning Port UDP 4668 GabyHornik@lotus.iot.dtag.de (07/23/02)
• diagnose compromise on NT Ingersoll, Jared (07/22/02)
  • RE: diagnose compromise on NT Hornat, Charles (07/22/02)
  • Re: diagnose compromise on NT Patrick Andry (07/22/02)
  • Re: diagnose compromise on NT H C (07/22/02)
• Odd scan Tadas Miniotas (07/20/02)
  • RE: Odd scan McCammon, Keith (07/22/02)
  • Re: Odd scan Russell Fulton (07/21/02)
  • Re: Odd scan Muhammad Faisal Rauf Danka (07/22/02)
• FireDeamon exploit Curt Purdy (07/19/02)
  • China Experience ? Bob DeRosier (07/19/02)
    • Re: China Experience ? Russell Fulton (07/20/02)
    • Re: China Experience ? bonk@webchat.chatsystems.com (07/20/02)
      • Re: China Experience ? Nick FitzGerald (07/22/02)
    • Re: China Experience ? Yaakov Yehudi (07/22/02)
    • Re: China Experience ? bugtraq (07/22/02)
    • RE: China Experience ? Curley Mr Eric P (07/22/02)
      • Re: China Experience ? incidents.nospam13@web-cities.net (07/22/02)
      • Re: China Experience ? Paul Gear (07/22/02)
    • RE: China Experience ? Curley Mr Eric P (07/22/02)
    • Re: China Experience ? SecurityPortal (07/23/02)
    • Re: China Experience ? Steven M. Christey (07/24/02)
    • RE: China Experience ? YAO,TONY (HP-NewZealand,ex1) (07/24/02)
    • Re: China Experience ? euan (07/24/02)
    • RE: Re: China Experience ? Alif The Terrible (07/24/02)
• Vacation Troller, Please Ignore. Jensenne Roculan (07/18/02)
• Announcement Alfred Huger (07/17/02)
• TCP 1025 scanning worm? Richard Johnson (07/17/02)
  • RE: TCP 1025 scanning worm? Rob Keown (07/17/02)
  • re: TCP 1025 scanning worm? H C (07/18/02)
    • re: TCP 1025 scanning worm? Richard Johnson (07/18/02)
  • RE: TCP 1025 scanning worm? George M. Garner Jr. (07/19/02)
• Unknown/Weird Traffic? gs-list (07/14/02)
• OpenBSD rootkit Przemyslaw Frasunek (07/14/02)
  • Re: OpenBSD rootkit Mark Ruth (07/16/02)
    • Re: OpenBSD rootkit Scott Fendley (07/16/02)
  • Re: OpenBSD rootkit Markus Friedl (07/16/02)
• Conclusion: TCP port 139 probes Pavel Kankovsky (07/12/02)
• Another odd scan... Adam Young (07/12/02)
  • RE: Another odd scan... Wolf, Glenn (07/13/02)
  • Re: Another odd scan... Jose Nazario (07/13/02)
  • Re: Another odd scan... Muhammad Faisal Rauf Danka (07/13/02)
• Protocol 255 Crist J. Clark (07/11/02)
  • Frethem.K virus Joe Matusiewicz (07/15/02)
• interesting backdoor Matthew Rich (07/11/02)
• Code Red and other anomalous activity from 1433 Curley Mr Eric P (07/11/02)
  • Re: Code Red and other anomalous activity from 1433 Thomas Cannon (07/11/02)
  • RE: Code Red and other anomalous activity from 1433 Graham, Randy (RAW) (07/11/02)
  • RE: Code Red and other anomalous activity from 1433 Michael Fredericks (07/11/02)
    • RE: Code Red and other anomalous activity from 1433 lsi (07/12/02)
• Incident Analysis of Compromised OpenBSD3.0 Honeypot Michael Anuzis (07/11/02)
• Ideas? Port 21 SYNs, slow Bubsy (07/11/02)
  • Re: Ideas? Port 21 SYNs, slow Jason Giglio (07/12/02)
    • Re: Ideas? Port 21 SYNs, slow Michael H. Warfield (07/13/02)
  • Re: Ideas? Port 21 SYNs, slow Bubsy (07/13/02)
    • Re: Ideas? Port 21 SYNs, slow Buddy Nahay (07/15/02)
• Can anyone identify this backdoor? Matt Andreko (07/10/02)
  • Re: Can anyone identify this backdoor? Jhon Q Doe (07/11/02)
  • Re: Can anyone identify this backdoor? David Jacoby (07/11/02)
    • Re: Can anyone identify this backdoor? Ryan Russell (07/11/02)
  • RE: Can anyone identify this backdoor? Matt Andreko (07/11/02)
    • Re: Can anyone identify this backdoor? Matt Scarborough (07/12/02)
  • Re: Can anyone identify this backdoor? David Jacoby (07/11/02)
  • Re: Can anyone identify this backdoor? shawn merdinger (07/11/02)
  • RE: Can anyone identify this backdoor? Erick Arturo Perez Huemer (07/11/02)
  • Re: Can anyone identify this backdoor? Mark Shirley (07/11/02)
  • RE: Can anyone identify this backdoor? Richard Bartlett (07/12/02)
    • RE: Can anyone identify this backdoor? Ian Webb (07/22/02)
• heads up: scanssh modifications made public Jose Nazario (07/10/02)
• Stolen Card Purchases Jonathan A. Zdziarski (07/10/02)
  • RE: Stolen Card Purchases Greg Reber (07/10/02)
  • Re: Stolen Card Purchases Jonathan Bloomquist (07/10/02)
  • Re: Stolen Card Purchases Jonathan A. Zdziarski (07/10/02)
    • Re: Stolen Card Purchases Bill Barrett (07/10/02)
    • RE: Stolen Card Purchases Jason Coombs (07/10/02)
  • RE: Stolen Card Purchases Curley Mr Eric P (07/10/02)
  • RE: Stolen Card Purchases Ray Pompon (07/10/02)
  • RE: Stolen Card Purchases Green, Art (07/10/02)
• can't seem to find these tools/rootkit anywhere .. Henti Smith (07/10/02)
  • Re: can't seem to find these tools/rootkit anywhere .. lsi (07/10/02)
    • Re: can't seem to find these tools/rootkit anywhere .. zeno (07/10/02)
• TCP port 139 probes Pavel Kankovsky (07/09/02)
  • Re: TCP port 139 probes H C (07/10/02)
  • RE: TCP port 139 probes Dan Irwin (07/10/02)
    • RE: TCP port 139 probes Pavel Kankovsky (07/10/02)
      • RE: TCP port 139 probes Brenna Primrose (07/10/02)
      • RE: TCP port 139 probes H C (07/10/02)
      • RE: TCP port 139 probes Ryan Russell (07/13/02)
• Possible System Compromise David Baker (07/09/02)
  • RE: Possible System Compromise Mike Hrubes (07/09/02)
  • RE: Possible System Compromise Willsey, Rob (CCI-Omaha) (07/09/02)
  • Re: Possible System Compromise H C (07/10/02)
• Invalid TCP header flags kyle.r.maxwell@verizon.com (07/08/02)
  • Re: Invalid TCP header flags Crist J. Clark (07/09/02)
• Honeynet Project - Reverse Challenge results Lance Spitzner (07/08/02)
• Apache Worm / ddos Thorsten Schroeder (07/07/02)
  • RE: Apache Worm / ddos Golden_Eternity (07/08/02)
  • Re: Apache Worm / ddos Alexander Bochmann (07/08/02)
    • Re: Apache Worm / ddos Dave Mitchell (07/11/02)
• Exploit in rpc.statd 0.3.3? Roy Sigurd Karlsbakk (07/08/02)
• ftp directory scan harston (07/08/02)
  • Re: ftp directory scan Michael Katz (07/08/02)
  • RE: ftp directory scan Carey, Steve T ISD (07/08/02)
• Seeing Chuncked content james (07/05/02)
  • RE: Seeing Chuncked content Golden_Eternity (07/08/02)
• Closed thread- Anyone seen this before? Michael B. Morell (07/03/02)
• Additional- Anyone seen this before? Michael B. Morell (07/03/02)
  • Re: Additional- Anyone seen this before? Sergey Latkin (07/03/02)
• Anyone seen this before? Michael B. Morell (07/03/02)
  • Re: Anyone seen this before? H C (07/03/02)
  • RE: Anyone seen this before? Michael B. Morell (07/03/02)
    • Re: Anyone seen this before? Sergey Latkin (07/03/02)
  • RE: Anyone seen this before? george.wasgatt@insurity.com (07/03/02)
• Honeynet Project - SotM and Reverse Challenge Lance Spitzner (07/01/02)
• ftp.bitchx.org's ircii-pana-1.0c19.tar.gz is backdoored Hank Leininger (07/01/02)
  • RE: ftp.bitchx.org's ircii-pana-1.0c19.tar.gz is backdoored Nelson Brito (07/01/02)
    • RE: ftp.bitchx.org's ircii-pana-1.0c19.tar.gz is backdoored Hank Leininger (07/02/02)
• Java Yahoo! Chat and disabled keyboards H C (07/01/02)
• OpenSSH Attack? Ulrich Keil (06/29/02)
  • Re: OpenSSH Attack? Bill McCarty (07/02/02)
    • Re: OpenSSH Attack? Mike Lewinski (07/02/02)

Last message date: 07/31/02
Archived on: 07/31/02 CEST

---

165 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-07