[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] quit the dumd chat man!!
- To: full-disclosure@lists.netsys.com
- Subject: [Full-Disclosure] quit the dumd chat man!!
- From: "Ferris, Robin" <R.Ferris@napier.ac.uk>
- Date: Thu, 21 Aug 2003 17:07:49 +0100
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1170" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2><SPAN class=151080316-21082003>we had a honey pot
hit by some canny FTP kiddies using the RPC flaw to load up an FTP server that
ran as a service and also then execute a predifned further attack on some
specific IP's any one else seen this. very similar exploit to nachia "whatever
its called" worm</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=151080316-21082003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=151080316-21082003>the attack came from
two uni's one in Holland and one in germany.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=151080316-21082003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=151080316-21082003>The user name for
the ftp server they set up was fast and pword was fill!! haxor humor no
doubt!</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=151080316-21082003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=151080316-21082003>Anyone seen anything
like this too.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=151080316-21082003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN
class=151080316-21082003>RF</SPAN></FONT></DIV></BODY></HTML>