[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] IPs related to hackers
- Subject: [cobalt-users] IPs related to hackers
- From: Diana Brake <diana@xxxxxxxxxxxxx>
- Date: Sat Feb 10 08:59:06 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hi,
Do any of the people who have servers that have been cracked have list of
IPs these attacks originated from? I would guess that some of the
information could have been erase by the hackers, but if someone does have
this info, it would be great to share it so that the rest of us could drop
it into the /etc/hosts.deny file.
My logs show several direct attempts from these numbers over the last few days:
211.174.58.76
211.218.145.88
different services but both from Korea.
I've also been hit multiple times by this IP
63.228.49.68 - apparently from Minneapolis - uswest.net - This was
confirmed by Qwest technicians over the phone. This person has attempting
to gain access since Jan 31, 2001. After three days of using this IP,
another was introduced:
63.228.51.203 - and then another, all from Minneapolis. This person is
SERIOUS...:)
63.228.39.137
and multiple days:
61.141.204.239 from China with a truly nice response back from the admins
apologizing and promising action against the abuser.
I have lots of others from recent days, but those above were the most
persistent.
If it would be helpful, I am willing to provide the contents of my
hosts.deny file...which is pretty extensive....to anyone who asks.
Diana
Crest Communications, Inc. diana@xxxxxxxxxxxxx
Beautiful Sunny Florida http://crestcommunications.com/
352-495-9359, 425-732-9785 fax