BIND scan from Wanadoo.fr

From: Gary Baribault (gary@baribault.net)
Date: 08/16/02


Date: Thu, 15 Aug 2002 20:23:30 -0400
To: incidents@securityfocus.com
From: Gary Baribault <gary@baribault.net>

I am used to seeing those idiots scanning for FTP and I have them all
blocked in and out with out logged .. Recently I say a big jump in OUTPUT
REJECTs and when I investigated I found 62.155/11 scanning for BIND .. I
also recently noticed them scanning for HTTP. Anyone seen this as well?

Gary Baribault
gary@baribault.net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • Re: Scan for anonymous ftp...
    ... : If someone is scanning for anonymous Ftp:s is that ok? ... Most ftp sites have a policy. ... tags it with a "unerasable" direcory structure and ... This is not legal and is usually reported by the firewall admin ...
    (comp.security.firewalls)
  • Re: LAN issue with FTP
    ... We are unable to install the scanning software on this ... >>It is my understanding that the scanning software uses ftp to communicate ... this pc will not install this software. ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: [Whitehat] BIND scan from Wanadoo.fr
    ... > I am used to seeing those idiots scanning for FTP and I have them all ... > REJECTs and when I investigated I found 62.155/11 scanning for BIND .. ... I am not observing any bind scans from that subnet, but I am seeing a lot ... of IIS script exploit attemtps and PHP content disposition exploit ...
    (Incidents)
  • Re: address already in use
    ... Our networ scanner software was running an ftp ... server for scanning to FTP I just had to change the port ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: BIND scan from Wanadoo.fr
    ... >REJECTs and when I investigated I found 62.155/11 scanning for BIND .. ... >For more information on this free incident handling, management ... >and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)