[Dshield] nimda-like scanning?

John Hardin johnh at aproposretail.com
Wed Mar 27 00:28:19 GMT 2002


On Tue, 2002-03-26 at 15:53, Serge Vondandamo wrote:
> Hi guys,
> 
> I have seen the same since yesterday on one of my Web Servers then I have
> setup a honey pot to capture and analyze the data here are some information.
> 
> The IP 200.64.191.51 attacked "myweBserver" and launch a tftp session

Reminder to all, then:  DO NOT permit tftp to cross your firewalls!

-- 
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 "They [media giants] have no idea how to do business with resourceful
  human beings rather than passive vegetables. So they run to [the]
  government for protection."
                    -- Doc Searls on the SSSCA, in Linux Journal
-----------------------------------------------------------------------
 50 days until Star Wars episode II: Attack of the Clones




More information about the list mailing list