[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] possible hack attempt?

Subject: [ale] possible hack attempt?
From: jj at spiderone.spiderentertaiment.com (jj at spiderone.spiderentertaiment.com)
Date: Fri, 3 Dec 1999 01:46:51 -0500 (EST)

Well just keep your eye open on the ip sources, I get about 10 folks per
day ether trying to telnet, ftp, mail, scans, and all kinds of stuff.. 



On Thu, 2 Dec 1999, smn wrote:

> I saw this in my /var/log/messages:
> Dec  1 12:00:51 smnolde portmap[18350]: connect from 203.251.180.252 to
> dump(): request from unauthorized host
> 
> And in /var/log/secure:
> Dec  1 12:00:34 smnolde in.telnetd[18347]: refused connect from
> bbs.tntnet.co.kr
> Dec  1 12:00:34 smnolde in.ftpd[18348]: refused connect from
> bbs.tntnet.co.kr
> Dec  1 12:00:38 smnolde in.telnetd[18349]: refused connect from
> bbs.tntnet.co.kr
> Dec  1 12:00:52 smnolde in.ftpd[18351]: refused connect from
> bbs.tntnet.co.kr
> Dec  1 12:00:53 smnolde in.ftpd[18352]: refused connect from
> bbs.tntnet.co.kr
> 
> I had his domain .kr in my hosts.deny file so tcp wrappers did it's job
> (I hope!).  Has anyone else seen this guy?  Telnetting to him shows ZIP
> BBS server.  Anyone know about this?
> 
> - Scott
>

Prev by Date: [ale] linux routing problem
Next by Date: [ale] any way to convert/adapt BNC or AUI -> RJ45 connection ?
Previous by thread: [ale] possible hack attempt?
Next by thread: [ale] Perl Question
Index(es):
- Date
- Thread