[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] Outbound Port Scan

Subject: RE: [cobalt-developers] Outbound Port Scan
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri Jul 18 11:37:03 2003
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

On Fri, 18 Jul 2003, Distortal wrote:

> cobalt-developers-admin@xxxxxxxxxxxxxxx wrote:
> > You may have been hacked.  Search the hard drive for a file called
> > Masscanner I think.  You have probably been rooted, meaning a hacker
>
> I'm a tad worried now :)
>
> I've seen a few outbound scans, mainly to my CoLo's nameservers
> (housekeeping?) but also to a seemingly unrelated verizon machine:
>
>   pool-64-223-181-251.man.east.verizon.net [64.223.181.251]
>
> And once to my own IP.  Could this be the fact I have Scan Detection enabled
> and it's backtracing the IP to block it?  It's entirely possible I've
> scanned the server to see what's happening...
>
  Take a look at /var/log/phoenix.log
  that will show you all the scans

Gerald
--
http://frontstreetnetworks.com | http://store.raqware.com
  Front Street Networks LLC, 229 Front Street, Ste.#C
  New Haven, CT 06513-3203 | phone: +1-203-785-0699

Follow-Ups:
- RE: [cobalt-developers] Outbound Port Scan
  - From: Distortal

References:
- RE: [cobalt-developers] Outbound Port Scan
  - From: Distortal

Prev by Date: RE: [cobalt-developers] Outbound Port Scan
Next by Date: RE: [cobalt-developers] Outbound Port Scan
Previous by thread: RE: [cobalt-developers] Outbound Port Scan
Next by thread: RE: [cobalt-developers] Outbound Port Scan

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index