[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] script kiddies are a pain RaQ4

Subject: Re: [cobalt-users] script kiddies are a pain RaQ4
From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
Date: Mon Mar 12 00:33:01 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>I have noticed that some stupid little pain is trying for
>many hours now to get into a password protected directory on our
>server. The logs show that they are trying to get access by brute
>force. But, the IP address is different for every single attempt!

You know what? This looks more like the effects of a newsgroup posting than
one person trying different IPs. The IPs are just so widely varied from
attempt to attempt, seems to me that it's a group of people.
Anyhow, you can WHOIS the IP addies and contact the owners, just in case
they aren't forged. Send along the logs as proof when you write them. Some
of these might be compromised boxes. Even if they're not, the forging itself
will get the true IP owners interested, because that could get them into a
heap of trouble. You might be able to get some help in dealing with this
buttwipe.

Best of luck - and patience.  ;)

CarrieB

Follow-Ups:
- RE: [cobalt-users] script kiddies are a pain RaQ4
  - From: Dan Kriwitsky

References:
- [cobalt-users] script kiddies are a pain RaQ4
  - From: James Riordon

Prev by Date: RE: [cobalt-users] Weekly Cron Error zcat
Next by Date: RE: [cobalt-users] .ie domain registration
Previous by thread: RE: [cobalt-users] script kiddies are a pain RaQ4
Next by thread: RE: [cobalt-users] script kiddies are a pain RaQ4

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index