|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Exodus: this is bad
They went for our FreeBSD box too, and around the same time everyone else is being scanned, I'm starting to think that this has got to be a worm. Nov 16 16:08:31 ns1 telnetd[6355]: connect from mcserver.com Nov 16 16:08:31 ns1 telnetd[6354]: connect from mcserver.com On Mon, 16 Nov 1998, Robert C. Henney wrote: > > On Mon, 16 Nov 1998, Brian wrote: > > > > > No, but I see stuff from this: > > > > > > Nov 16 15:14:34 venus in.telnetd[17889]: connect from 209.119.115.65 > > > Nov 16 15:14:35 venus in.telnetd[17890]: connect from 209.119.115.65 > > > Both of our BSDi nameservers as well. Just a while after your were hit. > Definatly a pattern forming here. > > Nov 16 15:57:05 iron [email protected][10984]: connect from 209.119.115.65 > Nov 16 15:57:06 iron [email protected][10985]: connect from 209.119.115.65 > > Nov 16 16:06:01 nickel [email protected][1118]: connect from 209.119.115.65 > Nov 16 16:06:01 nickel [email protected][1120]: connect from 209.119.115.65 > > > > -- > Rob @ MV Staff > [email protected] > (603) 629-0000 > --------------------------------------------------------------------- Jari Takkala - <[email protected]> / <[email protected]> System Administrator - Digital-Network http://www.digital-network.net ---------------------------------------------------------------------
|