[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[connect24h:01854] Re: 紅客再来
- To: connect24h@xxxxxxxxxxxxx
- Subject: [connect24h:01854] Re: 紅客再来
- From: DANNA <danna@xxxxxxxxxxx>
- Date: Thu, 01 Mar 2001 12:18:14 +0900
ダンナ@サポセンです。
長尾さん
> いちおう、官公庁攻撃準備中なんで、いろいろやっているのでは
> ないでしょうか?
職場のネームサーバがバリバリやられました。shellが走った痕跡は無か
ったので大丈夫だと思いますが。
# snortエライ!
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.249491 137.205.187.86:3350 -> xxx.xxx.xxx.15:53
UDP TTL:48 TOS:0x0 ID:19372 IpLen:20 DgmLen:51
Len: 31
AB CD 09 80 00 00 00 01 00 00 00 00 00 00 01 00 ................
01 20 20 20 20 02 61 . .a
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.315988 137.205.187.86:3356 -> xxx.xxx.xxx.54:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.378219 137.205.187.86:3363 -> xxx.xxx.xxx.166:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.602553 137.205.187.86:3369 -> xxx.xxx.xxx.100:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.721337 137.205.187.86:3419 -> xxx.xxx.xxx.11:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
03/01-11:30:39.760172 137.205.187.86:3420 -> xxx.xxx.xxx.253:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
02/28-20:49:16.817570 12.30.16.29:1682 -> xxx.xxx.xxx.166:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
02/28-20:49:18.567300 12.30.16.29:1682 -> xxx.xxx.xxx.76:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
02/28-20:49:22.575465 12.30.16.29:1682 -> xxx.xxx.xxx.68:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
02/28-20:51:09.440191 12.30.16.29:1682 -> xxx.xxx.xxx.1:53
[**] ALERT!! BIND-EXPLOIT attempt [**]
02/28-20:51:46.473940 12.30.16.29:1682 -> xxx.xxx.xxx.252:53
+---------------------------------------+
+ DANNA @ SAPOSEN
+ e-mail : danna@xxxxxxxxxxx
+ web site : http://www.hawkeye.ac/micky
+---------------------------------------+