SecurityFocus Incidents
By Thread

195 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 01/02/03
Ending: 01/31/03

• klez variant?? Peter Snell (01/30/03)
  • RE: klez variant?? Stephen A. Santos (01/31/03)
• HTML email bug [was: (Fwd) hi] lsi (01/30/03)
• Firewall logging port 6346 Jos Kirps|EducDesign (01/29/03)
  • RE: Firewall logging port 6346 Christopher Wagner (01/30/03)
  • Re: Firewall logging port 6346 Vestal, David (01/30/03)
  • Re: Firewall logging port 6346 David Hickman (01/30/03)
• Take note of products that don't "advertise" they have MSDE/SQL i ntegration. Shaw, Kevin (01/28/03)
• Packet from port 80 with spoofed microsoft.com ip Michael Rowe (01/29/03)
  • Re: Packet from port 80 with spoofed microsoft.com ip Chris Wilkes (01/29/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip Michael Rowe (01/30/03)
  • Re: Packet from port 80 with spoofed microsoft.com ip Thiago Conde Figueiró (01/29/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip Valdis.Kletnieks@vt.edu (01/30/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip Rich Puhek (01/30/03)
  • Re: Packet from port 80 with spoofed microsoft.com ip H C (01/29/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip Michael Rowe (01/30/03)
      • Re: Packet from port 80 with spoofed microsoft.com ip Kurt Seifried (01/30/03)
  • RE: Packet from port 80 with spoofed microsoft.com ip NESTING, DAVID M (SBCSI) (01/29/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip Michael Rowe (01/30/03)
  • Re: Packet from port 80 with spoofed microsoft.com ip Keith Owens (01/30/03)
    • Re: Packet from port 80 with spoofed microsoft.com ip dr john halewood (01/30/03)
    • Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Tomasz Papszun (01/30/03)
      • RE: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) greg@optionsinternet.com (01/30/03)
      • Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Russell Fulton (01/31/03)
      • Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Peter Triller (01/31/03)
      • Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Gary Flynn (01/30/03)
      • RE: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Loki (01/31/03)
      • Re: Packets from 255.255.255.255(80) (was: Packet from port 80 with spoofed microsoft.com ip) Chris (12/20/02)
  • RE: Packet from port 80 with spoofed microsoft.com ip Larsen, Colin (01/30/03)
  • Re: Packet from port 80 with spoofed microsoft.com ip zmajd fully (01/31/03)
• MSDE contained in... (MS Office ? really ?) Chris Caydes (01/28/03)
  • Re: MSDE contained in... (MS Office ? really ?) Deus, Attonbitus (01/29/03)
• Variant or original posting to packetstormsecurity - long oobs3c02@attbi.com (01/28/03)
  • Re: Variant or original posting to packetstormsecurity - long Helmut Springer (01/29/03)
• MSDE contained in... Tina Bird (01/28/03)
  • Re: MSDE contained in... Johannes Ullrich (01/28/03)
    • Re: MSDE contained in... Davis Ray Sickmon, Jr (01/28/03)
  • RE: MSDE contained in... Mark E. Donaldson (01/29/03)
  • RE: MSDE contained in... Kurt (01/28/03)
  • Re: MSDE contained in... Stefan Laudat (01/29/03)
  • RE: MSDE contained in... jeremy.ford@advancepcs.com (01/29/03)
  • Re: MSDE contained in... Johan Augustsson (01/29/03)
  • RE: MSDE contained in... Bojan Zdrnja (01/29/03)
  • RE: MSDE contained in... Bruce McLeod (01/30/03)
  • RE: MSDE contained in... JP Vossen (01/31/03)
• Scan UDP port 135 Gkruel (01/28/03)
  • Re: Scan UDP port 135 Russell Fulton (01/29/03)
  • Re: Scan UDP port 135 Michael H. Warfield (01/29/03)
• MS SQL server worm logs question Ian O'Brien (01/27/03)
• wierd: udp port 0 traffic Gianni Tedesco (01/27/03)
• internet status Tina Bird (01/26/03)
• graphical stats of new SQL worm Mark J. Lastdrager (01/25/03)
  • Re: graphical stats of new SQL worm abretten@kroger.com (01/27/03)
• Microsoft SQL Server 2000 worm - port 1434 Carl Inglis (01/25/03)
• SQL Sapphire Worm Analysis Marc Maiffret (01/25/03)
  • Re: SQL Sapphire Worm Analysis terry white (01/27/03)
    • RE: SQL Sapphire Worm Analysis Marc Maiffret (01/27/03)
    • Re: SQL Sapphire Worm Analysis dr john halewood (01/27/03)
    • Re: SQL Sapphire Worm Analysis Micheal Patterson (01/27/03)
    • RE: SQL Sapphire Worm Analysis trent dilkie (01/27/03)
• Paypal.com hosting IRC server, possible hack? mistymountainhop@hushmail.com (01/24/03)
  • Re: Paypal.com hosting IRC server, possible hack? dtm@paypal.com (01/25/03)
• New MS SQL Server Worm H D Moore (01/25/03)
• Is anyone else seeing a real heavy incrase in TCP/1434? Scott C. Kennedy (01/25/03)
• Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Patrick Finch (01/25/03)
• New Web Hack? incidents.nospam13@web-cities.net (01/24/03)
• strange attacks - flood udp packets from 1030 to msql Uwe Dippel (01/25/03)
  • RE: strange attacks - flood udp packets from 1030 to msql Drew, Dale (01/25/03)
  • Re: strange attacks - flood udp packets from 1030 to msql Víctor (01/25/03)
  • Re: strange attacks - flood udp packets from 1030 to msql Eric Nelson (01/26/03)
  • RE: strange attacks - flood udp packets from 1030 to msql Dan Perez (01/25/03)
• udp/1434 Jens Hektor (01/25/03)
• Increased activity on UDP/1434 Dmitri Smirnov (01/25/03)
  • Re: Increased activity on UDP/1434 Otto Dandenell (01/25/03)
  • Re: Increased activity on UDP/1434 Justin Bloom (01/25/03)
  • Re: Increased activity on UDP/1434 Sam Evans (01/25/03)
  • Re: Increased activity on UDP/1434 slswick@aep.com (01/25/03)
  • Re: Increased activity on UDP/1434 Dejan (01/25/03)
  • Re: Increased activity on UDP/1434 Dave Aitel (01/25/03)
• SNMP Weirdness Keith Pachulski (01/20/03)
  • Re: SNMP Weirdness Michael Roberts (01/23/03)
  • RE: SNMP Weirdness James C Slora Jr (01/23/03)
  • RE: SNMP Weirdness Smith, Donald (01/23/03)
  • RE: SNMP Weirdness Thomas Ray (01/24/03)
  • Re: SNMP Weirdness Christian Vogel (01/23/03)
    • Re: SNMP Weirdness Carlo Ottaviani (01/27/03)
• New spam-probing wave? Patrick Oonk (01/21/03)
  • Re: New spam-probing wave? Pauling (01/23/03)
  • Re: New spam-probing wave? Jeff Kell (01/23/03)
  • RE: New spam-probing wave? Danny (01/25/03)
• unusual http access in proxy log Martin K. Lee - XML Consulting (01/23/03)
• mIRC Zombie, port 445 Tino Didriksen (01/19/03)
  • Re: mIRC Zombie, port 445 pj@esec.dk (01/22/03)
  • Re: mIRC Zombie, port 445 Jeff Bollinger (01/22/03)
    • RE: mIRC Zombie, port 445 Michael LaSalvia (01/23/03)
  • RE: mIRC Zombie, port 445 Michael LaSalvia (01/22/03)
  • Re: mIRC Zombie, port 445 Tino Didriksen (01/22/03)
  • Re: mIRC Zombie, port 445 Sami Rautiainen (01/22/03)
    • strange traffic Wim Mees (01/25/03)
      • Re: strange traffic Thierry Zoller (01/25/03)
      • Re: strange traffic kris carlier (01/25/03)
  • Re: mIRC Zombie, port 445 Andreas Str|m (01/22/03)
• Re: Strange Apache logs - maybe DDOS? Axel Beckert (01/19/03)
• RE: IRC -> smtp worm? Scott Phelps (01/09/03)
• Odd Shares showing up on workstations J Jewitt (01/16/03)
  • Re: Odd Shares showing up on workstations H C (01/22/03)
• SGI.com hosts HACKED and being abused by scriptkiddies on IRC. Zehra Erseymen (01/15/03)
• Openbsd 3.2 wtmp delay and named backdoor Eric Weaver (01/15/03)
  • Re: Openbsd 3.2 wtmp delay and named backdoor Jose Nazario (01/21/03)
  • Re: Openbsd 3.2 wtmp delay and named backdoor Crist J. Clark (01/20/03)
  • Re: Openbsd 3.2 wtmp delay and named backdoor Valdis.Kletnieks@vt.edu (01/20/03)
  • Re: Openbsd 3.2 wtmp delay and named backdoor f.johan.beisser (01/20/03)
• Hacked web server Rogelio Vidaurri Courcelle (01/10/03)
  • Re: Hacked web server Tibor Biro (01/13/03)
  • Re: Hacked web server Michael Katz (01/13/03)
    • Re: Hacked web server sunzi (01/14/03)
    • RE: Hacked web server Michael LaSalvia (01/13/03)
  • Re: Hacked web server Ryan Yagatich (01/17/03)
    • RE: Hacked web server Jason Coombs (01/21/03)
      • RE: Hacked web server Ryan Yagatich (01/24/03)
  • Re: Hacked web server John Pugh (01/21/03)
• RE: Virus? Trojan? James C Slora Jr (01/10/03)
  • RE: Virus? Trojan? Nick FitzGerald (01/13/03)
    • Re: Virus? Trojan? James C. Slora Jr. (01/13/03)
  • Re: Curious "spam" (or broken viral payload)... Mark (01/09/03)
  • Re: Curious "spam" (or broken viral payload)... GertJan Hagenaars (01/09/03)
  • Re: Curious "spam" (or broken viral payload)... John Washington (01/09/03)
• Any known exploit for the samba 2.2.2-2.2.6 encrypted password vuln? Neulinger, Nathan (01/08/03)
• Possible google hack Johnson, April (01/07/03)
  • Re: Possible google hack rsavage@nandomedia.com (01/07/03)
• Re[2]: Spoofed RFC1918 Network Source Addresses... Security Consultant (11/19/02)
• Root password changed RCS (01/04/03)
  • Re: Root password changed james (01/06/03)
  • RE: Root password changed Michael LaSalvia (01/06/03)
  • Re: Root password changed Chris Barford (01/06/03)
  • Re: Root password changed sysadmin (01/06/03)
  • Re: Root password changed Adam Bultman (01/06/03)
  • Re: Root password changed Joe Kattner (01/06/03)
  • Re: Root password changed Lisa Casey (01/07/03)
• /sumthin Revisited Noam Eppel (01/05/03)
  • Re: /sumthin Revisited Chris Barford (01/06/03)
  • RE: /sumthin Revisited Wolf, Glenn (01/06/03)
  • Re: /sumthin Revisited Chris Norris (01/07/03)
    • Re: /sumthin Revisited Sverre H. Huseby (01/07/03)
      • RE: /sumthin Revisited Jonathan A. Zdziarski (01/07/03)
      • RE: /sumthin Revisited Jonathan A. Zdziarski (01/07/03)
    • Re: /sumthin Revisited Sverre H. Huseby (01/07/03)
      • Re: /sumthin Revisited Michael Katz (01/08/03)
      • Re: /sumthin Revisited noconflic (01/08/03)
      • RE: /sumthin Revisited Jonathan A. Zdziarski (01/07/03)
  • RE: /sumthin Revisited Rob Keown (01/08/03)
• Subseven 2.2 Server? Nick Jacobsen (01/04/03)
  • Re: Subseven 2.2 Server? dataspy (01/06/03)
• Thanks everyone! RE: MS IIS 5 server is hacked leaving undeletable folders and files Don Phillipe (01/03/03)
  • Re: Thanks everyone! RE: MS IIS 5 server is hacked leaving undeletable folders and files Nick Jacobsen (01/04/03)
• Mysterious "Support" account created on Win2k server Ostfeld, Thomas (01/02/03)
  • Re: Mysterious "Support" account created on Win2k server Scott Fendley (01/02/03)
    • Re: Mysterious "Support" account created on Win2k server Floydman (01/03/03)
  • RE: Mysterious "Support" account created on Win2k server Ed Street (01/02/03)
  • RE: Mysterious "Support" account created on Win2k server Matthew Cole (01/03/03)
    • RE: Mysterious "Support" account created on Win2k server kyle@kylelai.com (01/03/03)
      • RE: Mysterious "Support" account created on Win2k server H C (01/03/03)
      • RE: Mysterious "Support" account created on Win2k server kyle@kylelai.com (01/03/03)
  • RE: Mysterious "Support" account created on Win2k server Michiel Overtoom (01/03/03)
    • RE: Mysterious "Support" account created on Win2k server Michael LaSalvia (01/04/03)
  • RE: Mysterious "Support" account created on Win2k server kyle@kylelai.com (01/03/03)
• RE: MS IIS 5 server is hacked leaving undeletable folders and fil es David Vincent (01/02/03)
• What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (12/31/02)
  • RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (12/31/02)
    • RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Christopher X. Candreva (01/02/03)
  • Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (01/02/03)
    • Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Russell Fulton (01/02/03)
• MS IIS 5 server is hacked leaving undeletable folders and files Don Phillipe (12/31/02)
  • Re: MS IIS 5 server is hacked leaving undeletable folders and files Duncan Hill (01/02/03)
  • RE: MS IIS 5 server is hacked leaving undeletable folders and files Willsey, Rob (CCI-Omaha) (01/02/03)
  • RE: MS IIS 5 server is hacked leaving undeletable folders and files Richard Donovan (01/02/03)
  • Re: MS IIS 5 server is hacked leaving undeletable folders and files James Turner (01/02/03)
• Re: RPAT - Realtime Proxy Abuse Triangulation tcleary2@csc.com.au (12/31/02)
  • Re: RPAT - Realtime Proxy Abuse Triangulation Stephen P. Berry (01/02/03)
  • Re: RPAT - Realtime Proxy Abuse Triangulation Stephen J. Friedl (01/02/03)
• NC_S_ISLCK? Shirley, Ed (01/01/03)
• PDL anti-spam blacklist John Paul (12/31/02)
  • RE: PDL anti-spam blacklist Christopher Wagner (01/02/03)
  • Re: PDL anti-spam blacklist Mark (01/02/03)
  • Re: PDL anti-spam blacklist jlewis@lewis.org (01/02/03)
  • RE: PDL anti-spam blacklist Brian Taylor (01/03/03)
    • RE: PDL anti-spam blacklist James Friesen (01/04/03)
  • RE: PDL anti-spam blacklist Brian Taylor (01/05/03)
    • RE: PDL anti-spam blacklist Jonathan A. Zdziarski (01/06/03)
• Abnormally high Sub-Seven attack rate increase Eric Kimminau (12/31/02)
  • Re: Abnormally high Sub-Seven attack rate increase Jeff Kell (01/02/03)
  • RE: Abnormally high Sub-Seven attack rate increase James C Slora Jr (01/02/03)
    • RE: Abnormally high Sub-Seven attack rate increase H C (01/03/03)
• Re: Virus? Trojan? Jonathan Rickman (12/31/02)
  • Re: Virus? Trojan? Nick FitzGerald (12/31/02)

Last message date: 01/31/03
Archived on: 01/31/03 CET

---

195 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2003-01