SecurityFocus Incidents
By Thread

247 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 10/01/02
Ending: 10/31/02

• Port 1975 rogue service WIlliam Kintz (10/31/02)
• DOS ATTACK Hunt, Jim (10/28/02)
  • Re: DOS ATTACK james (10/29/02)
    • RE: DOS ATTACK Jonathan A. Zdziarski (10/29/02)
    • Re: DOS ATTACK Alex Lambert (10/29/02)
  • RE: DOS ATTACK David Vincent (10/29/02)
    • RE: DOS ATTACK Jose Nazario (10/29/02)
  • RE: DOS ATTACK McCammon, Keith (10/29/02)
  • Re: DOS ATTACK Hugo van der Kooij (10/29/02)
    • Apache DoS Module Patch (WAS RE: DOS ATTACK) Jonathan A. Zdziarski (10/29/02)
      • RE: Apache DoS Module Patch (WAS RE: DOS ATTACK) Jonathan A. Zdziarski (10/29/02)
  • RE: DOS ATTACK Muhammad Faisal Rauf Danka (10/29/02)
  • Re: DOS ATTACK Blake Girardot (10/29/02)
    • RE: DOS ATTACK Jonathan A. Zdziarski (10/29/02)
    • RE: DOS ATTACK Trey A Mujakporue (10/29/02)
  • Re: DOS ATTACK Micheal Patterson (10/29/02)
    • Re: DOS ATTACK Gary Flynn (10/30/02)
      • Re: DOS ATTACK Kurt Seifried (10/30/02)
      • Re: DOS ATTACK Gary Flynn (10/31/02)
  • Re: DOS ATTACK Richard Archer (10/29/02)
  • RE: DOS ATTACK Black, Braden (10/29/02)
  • RE: DOS ATTACK McCammon, Keith (10/30/02)
• Re: Strange attacks Russell Fulton (10/29/02)
• Web log abuse? Hugo van der Kooij (10/28/02)
• Apache 1.3.26 seg faults & bus errors rsavage@nandomedia.com (10/25/02)
  • Re: Apache 1.3.26 seg faults & bus errors Ryan Sweat (10/26/02)
    • RE: Apache 1.3.26 seg faults & bus errors Rory Savage (10/26/02)
      • Re: Apache 1.3.26 seg faults & bus errors Cy Schubert - CITS Open Systems Group (10/30/02)
• Keep connecting to remote host on port 7869 Frank Cheong (10/25/02)
  • Re: Keep connecting to remote host on port 7869 Anthony LaMantia (10/26/02)
  • Re: Keep connecting to remote host on port 7869 Luis Bruno (10/26/02)
  • Re: Keep connecting to remote host on port 7869 Frank Cheong (10/28/02)
• ABfrag followup / WITHOUT ATTACHMENT daniel.roberts@hushmail.com (10/24/02)
• Slapper questions Griff Palmer (10/23/02)
  • Re: Slapper questions Stephen Smoogen (10/24/02)
    • Re: Slapper questions Matt Harris (10/24/02)
      • Re: Slapper questions Hugo van der Kooij (10/25/02)
  • Re: Slapper questions Hugo van der Kooij (10/24/02)
  • Re: Slapper questions Cian Whalley (10/28/02)
• Unusual ICMP Traffic jeff@thepostmaster.net (10/22/02)
  • Re: Unusual ICMP Traffic Brett Glass (10/23/02)
• Connection Attempts - Port 8047 Brian Morkert (10/22/02)
• Invalid IP address Steven Lee (10/21/02)
  • Re: Invalid IP address Kerry Thompson (10/22/02)
    • Re: Invalid IP address David Pick (10/22/02)
  • Re: Invalid IP address Dave Phelps (10/22/02)
    • Re: Invalid IP address Jérôme Tytgat (10/23/02)
• unusual packet (tcpdump shows): rad-#0 41 [id 0] Attr[ Melt Man (10/18/02)
  • Re: unusual packet (tcpdump shows): rad-#0 41 [id 0] Attr[ James Sneeringer (10/19/02)
  • Re: unusual packet (tcpdump shows): rad-#0 41 [id 0] Attr[ Ryan Yagatich (10/19/02)
  • Re: unusual packet (tcpdump shows): rad-#0 41 [id 0] Attr[ James Williams (10/22/02)
  • RE: unusual packet (tcpdump shows): rad-#0 41 [id 0] Attr[ James Williams (10/24/02)
• a different, stranger port 137 activity Wisniewski, Michael (10/18/02)
  • Re: a different, stranger port 137 activity H C (10/19/02)
  • Hiding IP addresses in trace data John Kristoff (10/21/02)
    • Re: Hiding IP addresses in trace data Jose Nazario (10/22/02)
      • Re: Hiding IP addresses in trace data Russell Fulton (10/22/02)
    • Re: Hiding IP addresses in trace data Vern Paxson (10/22/02)
  • Re: a different, stranger port 137 activity daniele.muscetta@libero.it (10/24/02)
• Thanks on NetBios DoSing... Nicholas C. Weaver (10/18/02)
• DoS and Windows Login Nicholas C. Weaver (10/17/02)
  • RE: DoS and Windows Login Paul Carroll (10/18/02)
  • Re: DoS and Windows Login Brad Arlt (10/18/02)
  • Re: DoS and Windows Login KoRe MeLtDoWn (10/18/02)
• Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik") GiulioMaria Fontana (10/17/02)
  • Re: Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik") Jose Nazario (10/17/02)
• HTTP attack looking for /sumthin ? jmaywood1975@hushmail.com (10/17/02)
  • Re: HTTP attack looking for /sumthin ? zeno (10/17/02)
  • Re: HTTP attack looking for /sumthin ? cory (10/17/02)
    • Re: HTTP attack looking for /sumthin ? Scott C. Kennedy (10/18/02)
  • RE: HTTP attack looking for /sumthin ? Esler, Joel (10/17/02)
  • Re: HTTP attack looking for /sumthin ? H C (10/17/02)
  • Re: HTTP attack looking for /sumthin ? Johnny Calhoun (10/18/02)
    • Re: HTTP attack looking for /sumthin ? Patrick Oonk (10/18/02)
      • Re: HTTP attack looking for /sumthin ? Hugo van der Kooij (10/19/02)
  • Re: HTTP attack looking for /sumthin ? Fred Williams (10/17/02)
  • RE: HTTP attack looking for /sumthin ? Beckett, Josh (10/17/02)
• Security problem in installation IE sp1 ? Honza.K (10/17/02)
  • RE: Security problem in installation IE sp1 ? Wolf, Glenn (10/18/02)
• Linux Kernel Exploits / ABFrag daniel.roberts@hushmail.com (10/17/02)
  • Re: Linux Kernel Exploits / ABFrag eax@3xT.org (10/17/02)
  • Re: Linux Kernel Exploits / ABFrag dr john halewood (10/17/02)
  • Re: Linux Kernel Exploits / ABFrag Christopher Wagner (10/17/02)
  • Re: Linux Kernel Exploits / ABFrag Ali Saifullah Khan (10/18/02)
    • Re: Linux Kernel Exploits / ABFrag Benjamin Krueger (10/19/02)
  • Re: Linux Kernel Exploits / ABFrag Curt Wilson (10/21/02)
    • Re: Linux Kernel Exploits / ABFrag h2g.sec.list@zipmail.com.br (10/22/02)
    • Re: Linux Kernel Exploits / ABFrag Erik Sperling Johansen (10/22/02)
• ...continuing saga of Windows Messenger SPAM, was re: (blank) Gary Flynn (10/16/02)
• Help me identify this IIS DoS attack Alex Boge (10/16/02)
  • Re: Help me identify this IIS DoS attack Denis Dimick (10/17/02)
    • RE: Help me identify this IIS DoS attack Bojan Zdrnja (10/17/02)
  • RE: Help me identify this IIS DoS attack YAO,TONY (HP-NewZealand,ex1) (10/17/02)
    • RE: Help me identify this IIS DoS attack Alex Boge (10/17/02)
  • RE: Help me identify this IIS DoS attack Bojan Zdrnja (10/17/02)
  • RE: Help me identify this IIS DoS attack Alex Boge (10/17/02)
• RE: Hay,Daniel (10/15/02)
  • RE: Hugo van der Kooij (10/15/02)
    • Cacheflow proxy abuse (was: no subject) Alain Fauconnet (10/16/02)
      • Re: Cacheflow proxy abuse (was: no subject) Hugo van der Kooij (10/16/02)
      • RE: Cacheflow proxy abuse (was: no subject) Jeremy Junginger (10/17/02)
  • RE: popup msg spamming Pavel Kankovsky (10/15/02)
  • RPC-Spam issue, was => RE: H C (10/15/02)
  • RE: T. Willner, Elitetraderz.com (10/16/02)
  • Re: Gary Flynn (10/16/02)
• MD5 mystery Joern Kersten (10/14/02)
• Source of Windows PopUp SPAM Lawrence Baldwin (10/13/02)
  • RE: Source of Windows PopUp SPAM Lawrence Baldwin (10/15/02)
    • Re: Source of Windows PopUp SPAM Ron Trenka (10/16/02)
      • Re: Source of Windows PopUp SPAM Michael Katz (10/17/02)
      • Re: Source of Windows PopUp SPAM Nick FitzGerald (10/17/02)
  • RE: Source of Windows PopUp SPAM Brenna Primrose (10/16/02)
  • RE: Source of Windows PopUp SPAM H C (10/16/02)
  • RE: Source of Windows PopUp SPAM Rob Keown (10/17/02)
    • RE: Source of Windows PopUp SPAM H C (10/17/02)
      • Re: Source of Windows PopUp SPAM Gary Flynn (10/17/02)
  • Re: Source of Windows PopUp SPAM Richard Akerman (10/18/02)
  • Re: Source of Windows PopUp SPAM David Kennedy CISSP (10/19/02)
• apache problem Andre Guimaraes (10/12/02)
  • Re: apache problem Ryan Sweat (10/15/02)
    • Re: apache problem zeno (10/15/02)
    • RE: apache problem Jonathan A. Zdziarski (10/15/02)
      • Re: apache problem Bob Johnson (10/16/02)
  • Re: apache problem SZALAY Attila (10/15/02)
  • Re: apache problem cory (10/15/02)
    • Re: apache problem Bob Johnson (10/16/02)
  • Re: apache problem Hugo van der Kooij (10/15/02)
    • Re: apache problem Homer Wilson Smith (10/16/02)
      • Re: apache problem Hugo van der Kooij (10/16/02)
      • Re: apache problem Stephen Smoogen (10/17/02)
      • RE: apache problem Jonathan A. Zdziarski (10/18/02)
      • RE: apache problem Jonathan A. Zdziarski (10/18/02)
      • Re: apache problem Jason Giglio (10/18/02)
      • Re: apache problem Stephen Smoogen (10/18/02)
• Re: RES: SNMP vulnerability test? John Beuke (10/12/02)
  • Re: RES: SNMP vulnerability test? Mark Tinberg (10/15/02)
  • Re: RES: SNMP vulnerability test? Kurt Seifried (10/15/02)
• Strange Message Reasoner, Scott (10/11/02)
  • Re: Strange Message Paul Wilson (10/11/02)
  • Re: Strange Message Deus, Attonbitus (10/11/02)
  • Re: Strange Message Chris Brenton (10/11/02)
    • RE: Strange Message John Stauffacher (10/11/02)
      • RE: Strange Message Jason Robertson (10/12/02)
  • Re: Strange Message Gary Flynn (10/11/02)
    • Re: Strange Message Gary Flynn (10/11/02)
• RE: Forensics CD Black, Braden (10/10/02)
  • RE: Forensics CD Matthew Franz (10/10/02)
• Re: Forensics CD Boutros (10/09/02)
  • Re: Forensics CD Ryan McBride (10/09/02)
    • Re: Forensics CD sunzi (10/10/02)
• Interesting Logs to port 8941 Ryan Yagatich (10/09/02)
  • Re: Interesting Logs to port 8941 Ryan Yagatich (10/21/02)
• CfP: 19C3 Chaos Communication Congress 2002 Pluto (10/09/02)
• VS: Why can I see other traffic at switch environment just tcpdump? Toni Heinonen (10/09/02)
• Antwort: Re: Forensics CD (was: Re: Strange Folder oliver.biermann@mobilcom.de (10/09/02)
• Why can I see other traffic at switch environment just tcpdump? SB CH (10/08/02)
  • Re: Why can I see other traffic at switch environment just tcpdump? Kelly Martin (10/09/02)
    • RE: Why can I see other traffic at switch environment just tcpdump? Rob Shein (10/09/02)
  • Re: Why can I see other traffic at switch environment just tcpdump? Darryl Luff (10/09/02)
• Strange Folder discipulus (10/05/02)
  • Re: Strange Folder Nick Jacobsen (10/06/02)
  • Re: Strange Folder discipulus (10/06/02)
  • Re: Strange Folder Neil Dickey (10/06/02)
    • Re: Strange Folder discipulus (10/06/02)
    • Forensics CD (was: Re: Strange Folder Meritt James (10/07/02)
      • Re: Forensics CD (was: Re: Strange Folder Neil Dickey (10/07/02)
      • Re: Forensics CD (was: Re: Strange Folder Nick FitzGerald (10/08/02)
      • Re: Forensics CD (was: Re: Strange Folder robjeh@wanadoo.nl (10/08/02)
      • Re: Forensics CD (was: Re: Strange Folder Chet Uber (10/08/02)
      • RE: Forensics CD (was: Re: Strange Folder Brian Taylor (10/08/02)
      • Re: Forensics CD (was: Re: Strange Folder sunzi (10/09/02)
      • Re: Forensics CD (was: Re: Strange Folder Ryan McBride (10/08/02)
      • Re: Forensics CD (was: Re: Strange Folder Neil Dickey (10/09/02)
      • RE: Forensics CD (was: Re: Strange Folder Morris, Rod (10/10/02)
      • RE: Forensics CD (was: Re: Strange Folder Jonathan Watts (10/10/02)
  • Re: Strange Folder P.P. Lodder (10/06/02)
  • Re: Strange Folder discipulus (10/06/02)
    • Re: Strange Folder Midkaemia (10/06/02)
      • Re: Strange Folder discipulus (10/07/02)
  • Re: Strange Folder Hiroaki Kondo (10/07/02)
• high number of code red events Marcelo Bartsch (10/03/02)
  • Re: high number of code red events michal@ns.lounsko.cz (10/07/02)
• question about slapper fingers (10/03/02)
• UDP:137 source IP distribution John Sage (10/02/02)
• Possible remote vulnerability in SSH-1.2.27 stealth (10/02/02)
  • Re: Possible remote vulnerability in SSH-1.2.27 Alexandru Frangeti (10/03/02)
  • Re: Possible remote vulnerability in SSH-1.2.27 Andrei Muresan (10/03/02)
    • Re: Possible remote vulnerability in SSH-1.2.27 Alexandru Balan (10/04/02)
      • Re: Possible remote vulnerability in SSH-1.2.27 Alvin Oga (10/05/02)
• Interesting new DDoS method? Keith T. Morgan (10/02/02)
  • Re: Interesting new DDoS method? zeno (10/02/02)
• RE: Increase in SSH scans Paulo.Sedrez@weavers.com.br (10/02/02)
• RE: DNS servers outbound connections. NESTING, DAVID M (SBCSI) (10/01/02)
  • RE: DNS servers outbound connections. Philip Bartholomew (10/02/02)
• W2K Compromise - PipeCmdSrv Philip (10/01/02)
  • Re: W2K Compromise - PipeCmdSrv Curt Wilson (10/05/02)
    • Re: W2K Compromise - PipeCmdSrv Erik Sperling Johansen (10/05/02)
  • Re: W2K Compromise - PipeCmdSrv woofz@gmx.net (10/08/02)
  • Re: W2K Compromise - PipeCmdSrv woofz@gmx.net (10/09/02)
  • Re: W2K Compromise - PipeCmdSrv sfuston@blomand.net (10/20/02)
    • Re: W2K Compromise - PipeCmdSrv H C (10/21/02)
• slapper changed to udp 1812? fingers (10/01/02)
  • Re: slapper changed to udp 1812? Marcelo Bartsch (10/01/02)
    • Re: slapper changed to udp 1812? ¥Ûµ¾¥ô (10/02/02)
      • Re: slapper changed to udp 1812? Burak DAYIOGLU (10/03/02)
• Port 137 probes Bubsy (10/01/02)
• Strange random-number.file entries in Apache logs Sam Campbell (09/30/02)
• IIS Using Port 1843 Matt Barton (09/30/02)
  • Re: IIS Using Port 1843 Jean-Baptiste Marchand (10/01/02)
• Re: Unusual volume: UDP:137 probes Christopher Albert (09/30/02)
  • Re: Unusual volume: UDP:137 probes Nick FitzGerald (09/30/02)
  • Re: Unusual volume: UDP:137 probes Hugo van der Kooij (10/01/02)
    • SV: Unusual volume: UDP:137 probes Peter Kruse (10/01/02)
  • Re: Unusual volume: UDP:137 probes Axel Pettinger (10/01/02)
    • Re: Unusual volume: UDP:137 probes James Sneeringer (10/01/02)
      • maybe a simple problem Andrew Fison (10/02/02)
      • Re: maybe a simple problem Igor D. Spivak (10/02/02)
      • RE: maybe a simple problem Brooke, O'neil (EXP) (10/02/02)
      • RE: maybe a simple problem Greg Reber (10/03/02)
      • Re: maybe a simple problem Brad Arlt (10/02/02)
      • Re: maybe a simple problem Michael Anuzis (10/03/02)
      • RE: maybe a simple problem Robinson, Sonja (10/03/02)
      • RE: maybe a simple problem george.wasgatt@insurity.com (10/04/02)
      • RE: maybe a simple problem Robinson, Sonja (10/04/02)
      • RE: maybe a simple problem george.wasgatt@insurity.com (10/04/02)
      • RE: maybe a simple problem Clayton Hoskinson (10/05/02)
      • RE: maybe a simple problem Jeff Peterson (10/04/02)
      • RE: maybe a simple problem Hugo van der Kooij (10/05/02)
      • Re: maybe a simple problem tabrams@hklaw.com (10/05/02)
      • RE: maybe a simple problem Rob Keown (10/06/02)
  • Re: Unusual volume: UDP:137 probes Maxime Ducharme (10/01/02)
• Re: WinXP integrated packet filtering Maxime Ducharme (09/30/02)
• RE: Unusual volume: UDP:137 probes Bamm (Robert) Visscher (09/30/02)
  • RE: Unusual volume: UDP:137 probes Joseph R. Gruber (09/30/02)
  • RE: Unusual volume: UDP:137 probes Mark Forsyth (10/01/02)
  • RE: Unusual volume: UDP:137 probes Richard.Grant@mail.state.ky.us (10/01/02)
    • RE: Unusual volume: UDP:137 probes Nick FitzGerald (10/03/02)
      • Re: Unusual volume: UDP:137 probes Alain Fauconnet (10/04/02)
      • Re: Unusual volume: UDP:137 probes Matt Power (10/05/02)
  • RE: Unusual volume: UDP:137 probes Scott, Michael R. (10/01/02)
    • Re: Unusual volume: UDP:137 probes John Sage (10/01/02)
  • RE: Unusual volume: UDP:137 probes Scott, Michael R. (10/01/02)
  • RE: Unusual volume: UDP:137 probes Jeremy Junginger (10/02/02)
  • RE: Unusual volume: UDP:137 probes Sam Campbell (10/03/02)

Last message date: 10/31/02
Archived on: 10/31/02 CET

---

247 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-10