[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Ford Motors IT Contact
- To: Michael Holstein <michael.holstein@xxxxxxxxxxx>, Simon Smith <simon@xxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Ford Motors IT Contact
- From: Ray P <sixsigma98@xxxxxxxxxxx>
- Date: Tue, 27 May 2008 20:18:52 +0000
When that stuff first showed up last year I emailed their ARIN contact and got
a real person. They got back to me within a day and said the same thing. SQL
Slammer is a single packet UDP attack so their response is 100% plausible.
Ray
>
> > In response to them still being infected with sql slammer and it probing
> > my networks regularly.
> >
> Let me guess .. it's 136.1.7.55 ?
>
> Here's what I get (from ford) every time that IP pops up in our
> automated abuse report ..
>
> --snip--
>
> Our investigation into this matter has determined that the recent onset
> of attacks from this IP is the result of the IP being forged by an
> external party. External parties will commonly use IP addresses that
> belong to large organizations to mask network traffic.
>
> --snip--
>
> Cheers,
>
> Michael Holstein
> Cleveland State University
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_________________________________________________________________
Keep your kids safer online with Windows Live Family Safety.
http://www.windowslive.com/family_safety/overview.html?ocid=TXT_TAGLM_WL_Refresh_family_safety_052008
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/