[unisog] Hacking Attempts
Green, Steven J
SGreen at Central.UH.EDU
Fri Feb 11 14:09:54 GMT 2005
We have recently seen some of our desktops hacked with a particular
exploit. The exploit is a Servu ftp server that accepts connections from
200.* and 201.*. There is no banner. Services added are WinUPD, Simple,
and Winlogon. The attacks occur on port 5100 after the initial machine
Does anyone have any detailed information regarding this specific hack?
Also, has anyone else seen this hack?
Thanks for a reply.
Security and Disaster Recovery
University of Houston
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the unisog