[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Hacked ??

Subject: [cobalt-users] Hacked ??
From: "Joe Lange" <jlange@xxxxxxxxxxx>
Date: Wed Jun 13 02:58:03 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Logging into my RAQ it looks like someone is using it for scanning but I
cannot find the process I have limited access to our network via tcp wrap
but it appears someone is still using the box ...This is a production DNS
server so taking it offline is
not a very good option if it can be avoided can somone offer some advice on
haw to stop the attack ????

Joe Lange
Systems Administrator
NCI Data.com
Methow.com







tcp        0      1 raq.ncidata.com:3378    207.40.84.251:sunrpc    SYN_SENT
tcp        0      1 raq.ncidata.com:3377    207.40.84.250:sunrpc    SYN_SENT
tcp        0      1 raq.ncidata.com:3376    207.40.84.249:sunrpc    SYN_SENT
tcp        0      1 raq.ncidata.com:3375    207.40.84.248:sunrpc    SYN_SENT
tcp        0      1 raq.ncidata.com:3504    terre.terressenc:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3503    sign.lillichsign:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3502    tire.hostetlerti:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3501    furn.furndirect.:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3500    rapid.rapidsenso:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3499    rapid.rapidsenso:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3498    blah.kuntrynet.c:sunrpc SYN_SENT
tcp        0      1 raq.ncidata.com:3898    207.40.87.6:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3897    207.40.87.5:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3896    207.40.87.4:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3895    207.40.87.3:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3894    207.40.87.2:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3893    207.40.87.1:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3892    207.40.87.0:sunrpc      SYN_SENT
tcp        0      1 raq.ncidata.com:3922    207.40.87.30:sunrpc     SYN_SENT
tcp        0      1 raq.ncidata.com:3921    207.40.87.29:sunrpc     SYN_SENT
tcp        0      1 raq.ncidata.com:3920    207.40.87.28:sunrpc     SYN_SENT
tcp        0      1 raq.ncidata.com:3919    207.40.87.27:sunrpc     SYN_SENT
tcp        0      1 raq.ncidata.com:3918    207.40.87.26:sunrpc     SY

Follow-Ups:
- Re: [cobalt-users] Hacked ??
  - From: Frederic Stos
- Re: [cobalt-users] Hacked ??
  - From: Kevin D

Prev by Date: Re: [cobalt-users] Hacked??
Next by Date: Re: [cobalt-users] Analog where users can see it?
Previous by thread: Re: [cobalt-users] Analog where users can see it?
Next by thread: Re: [cobalt-users] Hacked ??

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index