RE: [cobalt-users] Extensive Hack Attack - Was C drive hack
- Subject: RE: [cobalt-users] Extensive Hack Attack - Was C drive hack
- From: "Dom" <d.latter@xxxxxxx>
- Date: Tue Sep 18 09:09:44 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> Major pain. Any way to detect the origin or at least a waypoint?

You've got the IP...

As yet, no word from the usual sources of information. So until
somebody "sacrifices" an IIS machine to find out exactly what it
is, it's hard to tell. It's clearly automated, and the sheer
scale of it suggests a worm. It seems to use the CRII trick of
picking "nearby" IP addresses, and it tries a variety of exploits:
checking if there is a CRII backdoor in there and then going on
to try the various "directory traversal" stunts that have been
around a while.