[Dshield] Unknown.level3.net:80 attempted to attack my

ALEPH0 aleph0 at pacbell.net
Sun Sep 1 19:47:03 GMT 2002


If the Lockheed guys say so, what's the evidence?  What you presented looks
like harmless web surfing to legitimate sites (msn.com, nipc.gov,
nohack.net) and probably Norton AntiVirus RealTimeScan protection running.
(Isn't rtvscan.exe in your process list?  That's what those LISTENING lines
all are.)  Perhaps the Lockheed fellows are not used to examining a typical
Windows desktop on, I guess a broadband DSL public network (Ellijay
Telephone Company).  Dates on files could be screwy for one example if you
are getting them from an archive (tar/zip/...), for instance from a source
that has date misconfigured or an OS with different date configs.  What is
the nature of those files?

I wouldn't encourage you to abandon the list, Linda.  Many of the frequent
posterss are quite knowlwdgeable and very serious about these matters, with
occasional peer review of each other's theories.  BS is squashed pretty
soundly and quickly.

As far as attitude is concerned, you have to realize many are system and
network admins who are frustrated with industry's lack of understanding and
concern in vital areas.





More information about the list mailing list