[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] portsenty

Subject: Re: [cobalt-users] portsenty
From: Gregz <greg@xxxxxxxxxx>
Date: Mon Feb 23 00:59:01 2004
Organization: The Tplace
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Only once had success.. The stupid (insert other word for donkey) thatdid a portscan and used some silly IIS hacktool on my Qube 3. He had awebserver running for some little webdesign company he owned, with nameand address and all.. So I send him a friendly e-mail and toled him thenext would be copied to the federal police as well.


Woked like a charm. But I guess the don't come THAT dumb that often...

Dave's List Addy wrote:

On 2/20/04 9:00 AM, "Dan Kriwitsky" wrote:

I have been seeing a lot of attackalerts on our RAQ2 like

this lately:

Feb 20 04:42:32 admin portsentry[1312]: attackalert: Connect from
host: client302.gdal1.hawkcommunications.com/64.63.216.141 to TCP
port: 1080

Anyway, I suggest taking the log and passing it to the
admin(s) at hawkcomms for a start. :)

http://www.abuse.net/lookup.phtml?DOMAIN=hawkcommunications.com


Has anyone ever had any luck or action taken from reporting these things. We
do it occasionally when we have time, but seems like it is going into a
Dev/Null file. Still see the kiddies attempting to find open ports or FTP
spots for their warez.


--
http://www.tplace.org/

Any e-mail messages from Gregz are given in good faith but shall not bebinding nor shall they be construed as constituting any obligation onthe part of the author of this e-mail.

References:
- Re: [cobalt-users] portsenty
  - From: Dave's List Addy

Prev by Date: [cobalt-users] Re: Problem with PHP on raq4
Next by Date: [cobalt-users] RaQ4r to 550 OS Upgrade
Previous by thread: Re[2]: [cobalt-users] portsenty
Next by thread: Re: [cobalt-users] portsenty

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index