North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Don't it remind you this Exodus attack?

  • From: Alex P. Rudnev
  • Date: Tue Nov 17 08:02:16 1998

Derived from the protocol of hacker's activity (server in ITALY):

^@nohup ntpq  34. 56.45.3  2  04.71.177.70   80 80 &
^@
^@nohup ./ntpq 74.56.88.99  2094.71.177.71 80 80 &
^@ 
^@nohup ./ntpq   44.67.92.1   204.71.200.72 80  800 80 &
^@cat /dev/ptyp
^@nnohup  ./ntpq  34.18.81.3  204.71.200.5^?75   80 8080 &80 80 
&&^[[D^[[D^[[C^?^?^?^?^?^?^?^?
^@
^@nohup ./ntpq t234.232.12.565 .565204.71.^?^?^?^?^?^?^?^?^?   
204.71.200.74 80 80 &
^@
^@nohup ./ntpq 77.88.99.22 204.721.177.35  80 80 8 &


You are talking about... FBI... spoofing... Really it's 15 y/o boys. 
You can (if it exist yet) see one of them at http://dolo.to/.

 Aleksei Roudnev, 
Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)