North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Exodus / Clue problems
Since this is an attack on name servers, I found the following http://www.cert.org/summaries/CS-98.04.html it may or may not be relvent. But it mentions IMAP, named and that attacks come from name servers that have been comprimised. James At 06:25 PM 11/15/98 -0600, William S. Duncanson wrote: >Seeing it here, too. > >At 18:52 11/15/98 -0500, Daniel Senie wrote: >>[email protected] wrote: >>> >>> Let me guess - the IP is 209.67.50.254, and they're trying to login to >>> nameservers as "root", sometimes a dozen times per second? >> >>I'm seeing that IP address trying to telnet into my name servers (don't >>know if it's as root, since my filters are blocking them). I also see >>them trying to access IMAP on my servers. >> >>Dan >> >>-- >>----------------------------------------------------------------- >>Daniel Senie [email protected] >>Amaranth Networks Inc. http://www.amaranthnetworks.com > > >William S. Duncanson [email protected] >The driving force behind the NC is the belief that the companies who brought us >things like Unix, relational databases, and Windows can make an appliance that >is inexpensive and easy to use if they choose to do that. -- Scott Adams > > James McKenzie [email protected] http://www.1ipnet.net
|