[lug] Attempted hack from 202.185.243.121
Paul Bille
Paul at ebille.cudenver.edu
Wed Apr 24 10:24:20 MDT 2002
> As for the "wall of shame", I get way over half of all my hack attempts
from "wanadoo.fr"
I blocked connections from abo.wanadoo.fr a while back for exactly that
reason. These folks are wasting our bandwidth for, I suspect, malicious
purposes.
Add 213.44.245.153 to the "wall of shame" and put them in your hosts.deny
Early yesterday morning (GMT -7:00 here in the Rocky Mtns USA) I had someone
from France drop a little present on my FTP server. The server is
intentionally set up so that incoming files cannot be retrieved nor can they
be executed. I changed the permissions to -rw-r--r-- for peace of mind.
Apr 21 13:55:46 liz ftpd[27511]: ANONYMOUS FTP LOGIN FROM
lns01v-6-153.w.club-internet.fr [213.44.245.153], anonymous at on.the.net
Sun Apr 21 13:57:05 2002 35 lns01v-6-153.w.club-internet.fr 28160
/var/ftp/incoming/love.exe b _ i a anonymous at on.the.net ftp 0 * c
-rwxrwxr-x 1 ftp ftp 28160 Apr 21 13:57 love.exe
The executable is smaller than W95.SoFunny.Worm at m so I don't know what it
is. Has anyone else seen anything like this?
Thanks,
Paul
http://bille.cudenver.edu/author
More information about the LUG
mailing list