[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] RaQ1: Hacker Login?

Subject: [cobalt-users] RaQ1: Hacker Login?
From: Erik O <erik@xxxxxxxxx>
Date: Wed Mar 15 10:28:37 2000

I have a few strange logins recorded in /var/log/secure

I can figure out what it is [ipop2d]. Here's the entry...

Mar 13 18:55:37 ns ipop2d[21805]: connect from 207.253.51.131
Mar 13 18:55:37 ns ipop2d[21806]: connect from 207.253.51.131


It has accepted connections from two IP's since the log rotated.

207.253.51.131
130.251.169.187

The last one resolves to ....
Name:    ciclamino.dibe.unige.it

I just don't like the looks of this. I can't seem to find this service
running anywhere.

Help?  :)

Erik

Prev by Date: Re: [cobalt-users] frontpage not asking for password
Next by Date: Re: [cobalt-users] ASP @ RAQ2
Previous by thread: RE: [cobalt-users] Hello!!! Anybody on this list? I have a firwall question but...
Next by thread: RE: [cobalt-users] RaQ1: Hacker Login?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index