[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Extensive Hack Attack - Was C drive hack
- Subject: RE: [cobalt-users] Extensive Hack Attack - Was C drive hack
- From: "Glenn Parsons" <gparsons@xxxxxxxxxxxxx>
- Date: Wed Sep 19 07:04:04 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Per M Knutsen
> Sent: Wednesday, September 19, 2001 4:09 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] Extensive Hack Attack - Was C drive hack
>
>
> > In my area it was (is) very bad. This morning that command reported just
> > short of 15,000 hits on cmd.exe
>
> 46,890 here... This is beginning to get annoying.
>
> I have a list of about 2000 different IPs who are infected. Does
> anyone have
> an idea of how to get in touch with these people and tell them to
> get their
> act together? Or is that just making matters worse?
>
>
> Per M Knutsen
> http://nethut.no/~pknutsen
>
>
Hello All,
I called my ISP (T-1 provider Ardent Communications). Most of my hits were
coming from within their IP block and the only DNS resolution I could get
was to them. Of course, it's not them (at least mostly!). They advised me
that they would appreciate a list and would call the customers and warn them
to patch their servers or risk being yanked offline.
I used the script being circulated on this group to compile the list. Easy
enough!
Cheers,
Glenn