Re: BIND scan from Wanadoo.fr

From: WebMaster@rbfcu.org
Date: 08/16/02

Previous message: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Maybe in reply to: Gary Baribault: "BIND scan from Wanadoo.fr"
Next in thread: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Reply: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Gary Baribault <gary@baribault.net>
From: WebMaster@rbfcu.org
Date: Fri, 16 Aug 2002 10:42:09 -0500

I think the better question is, "has anyone ever seen the scans STOP".

wanadoo.fr is notorious for allowing this kind of garbage...

Thanks,
Michael Sorbera
Webmaster
Randolph-Brooks Federal Credit Union

"Never approach a problem with preconceived notions...having a theory is
something different, but having a preconceived notion means that you're not
necessarily going to look for data...you're going to look for data that
supports your assumption."

                    Gary Baribault
                    <gary@baribaul To: incidents@securityfocus.com
                    t.net> cc:
                                         Subject: BIND scan from Wanadoo.fr
                    08/15/2002
                    07:23 PM

I am used to seeing those idiots scanning for FTP and I have them all
blocked in and out with out logged .. Recently I say a big jump in OUTPUT
REJECTs and when I investigated I found 62.155/11 scanning for BIND .. I
also recently noticed them scanning for HTTP. Anyone seen this as well?

Gary Baribault
gary@baribault.net

----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Previous message: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Maybe in reply to: Gary Baribault: "BIND scan from Wanadoo.fr"
Next in thread: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Reply: Baribault, Gary: "Re: BIND scan from Wanadoo.fr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Malicious web sites
... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
Re: [incident] IIS defacement through FTP, possible DoS
... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
RE: Distributed ICMP/UDP scan or attack?
... This list is provided by the SecurityFocus ARIS analyzer service. ... and tracking system please see: http://aris.securityfocus.com ... For more information on this free incident handling, management ...
(Incidents)
Re: strange attacks - flood udp packets from 1030 to msql
... > This list is provided by the SecurityFocus ARIS analyzer service. ... For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
RE: Can anyone identify this backdoor?
... > and tracking system please see: http://aris.securityfocus.com ... This list is provided by the SecurityFocus ARIS analyzer service. ... For more information on this free incident handling, management ...
(Incidents)