Re: iptables filtering rules

2002-03-25 Thread Andrew Tait
The entries you are seeing are caused by the army of infected MS IIS servers (Codered, Nimda, etc) trying to hack into other IIS servers at random. I see these on every web server I manage that isn't behind a firewall (ie, blocking port 80). Andrew Tait System Administrator Country NetLink Pty, Ltd E

Re: iptables filtering rules

2002-03-25 Thread Luiz Carlos Santos de Alencar
Andras GALAMBOSI wrote: Hello all, ... as the webserver is an ii$, I am sure, that some firewall rules must be set up for these two ports. The access.log shows, that is a MUST: GET /scripts/root.exe?/c+dir HTTP/1.0 GET /MSADC/root.exe?/c+dir HTTP/1.0 GET /c/winnt/system32/cmd.exe?/... Hi I

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
That's in your neighborhood dude, Here in Boston, you sneeze and blue lights are flashing... g. -Original Message- From: Christopher Petro [mailto:[EMAIL PROTECTED] Behalf Of Petro Sent: Monday, March 25, 2002 5:30 PM To: Gary MacDougall Cc: Langdon Green; andreas mayer; debian-security@l

Re: iptables filtering rules

2002-03-25 Thread Christian G. Warden
i'm in the middle of switching from ipchains to iptables right now and i haven't tested my DNAT rules yet, but from what i understand, packets pass through the FORWARD chain in the filter table after the PREROUTING chain in the nat table. see the second paragraph here: http://netfilter.samba.org/do

Re: iptables filtering rules

2002-03-25 Thread Luiz Carlos Santos de Alencar
Andras GALAMBOSI wrote: > Hello all, > > ... > as the webserver is an ii$, I am sure, that some firewall rules must be set > up for these two ports. The access.log shows, that is a MUST: > GET /scripts/root.exe?/c+dir HTTP/1.0 > GET /MSADC/root.exe?/c+dir HTTP/1.0 > GET /c/winnt/system32/cmd.ex

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Petro
On Mon, Mar 25, 2002 at 04:50:17PM -0500, Gary MacDougall wrote: > Agreed. > I'll never understand why people will let "crackers" reap havoc > on a network without issue, but if someone comes up and tries > to break into my house, the police will be there in 2 seconds. Hate to break it to you,

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Joe
Yes, I've had a person that I had a judgement against change jobs once the papers were in to start taking money from his paycheck. The only thing is that I know until he pays up what the court says, he has to change jobs every 6 months. Is going to court for everyone? No, it's up to you to decid

iptables filtering rules

2002-03-25 Thread Andras GALAMBOSI
Hello all, sorry to disturb you with this silly question. I am sure, that it is obvious to all list members (except me ;) scenario: intranet (10.10.1.x) with win clients (NT & 2k), gateway (Debian GNU/Linux potato with kernel 2.4.18 + iptables). NAT is used for requests from intranet to Intern

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
Agreed. I'll never understand why people will let "crackers" reap havoc on a network without issue, but if someone comes up and tries to break into my house, the police will be there in 2 seconds. g. -Original Message- From: Langdon Green [mailto:[EMAIL PROTECTED] Sent: Monday, March 25,

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Langdon Green
>I think the net is freedom, and that is good... That is the silliest thing I have ever heard. So what you are saying is that any kiddy/professional attacker is allowed to do whatever they want to anyone's systems and data because the net is "freedom". Equate it to the real world...if someone bre

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
That's in your neighborhood dude, Here in Boston, you sneeze and blue lights are flashing... g. -Original Message- From: Christopher Petro [mailto:[EMAIL PROTECTED]]On Behalf Of Petro Sent: Monday, March 25, 2002 5:30 PM To: Gary MacDougall Cc: Langdon Green; andreas mayer; [EMAIL PROTEC

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
Agreed. I'll never understand why people will let "crackers" reap havoc on a network without issue, but if someone comes up and tries to break into my house, the police will be there in 2 seconds. g. -Original Message- From: Langdon Green [mailto:[EMAIL PROTECTED]] Sent: Monday, March 2

unsubcribe

2002-03-25 Thread Pat Dube
__ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards® http://movies.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

unsubscribe

2002-03-25 Thread mikko
 

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Kenneth Pronovici
> Does this work? Going to civil court against a cracker? YES. It > comes down to: > > Do you have the time to wait for a result or lawsuit? > Do you know or have a lawyer that is net-smart or willing to learn? > Do you have the start-up money for the lawsuit? (at least > $1,000-$5000) Sorry to

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Joe
You do have another option, sue them in Civil court. Just because someone tries to break into your computer does not mean that you have to go to the Feds in order to get anything done, you can take them to civil court and sue them. Granted, this is a long process, you must have a good lawyer tha

Re: Security problem in PHP3+Postgres with Potato?

2002-03-25 Thread Benoît Sibaud
> > What's the normal way to make a security bug report? > apt-get install bug The 'bug' package is for "normal" bugs. [EMAIL PROTECTED] seems to be the good place to report security problems. Sorry for my previous post. -- Benoît Sibaud R&D Engineer - France Telecom -- To UNSUBSCRIBE, email

RE: Security problem in PHP3+Postgres with Potato?

2002-03-25 Thread Gergely Trifonov
-Original Message- From: Benoît Sibaud [mailto:[EMAIL PROTECTED] Sent: Monday, March 25, 2002 4:55 PM To: debian-security@lists.debian.org Subject: Security problem in PHP3+Postgres with Potato? > What's the normal way to make a security bug report? apt-get install bug __

RE: (A little OT) Introduction to cryptography

2002-03-25 Thread Scott Jardine
Hi, I'd just like to point out that every time I think of the book Applied Cryptography I always think of swarms of bacteria and weird conspiracies :) -Original Message- From: Damian M Gryski [mailto:[EMAIL PROTECTED] On Behalf Of Damian M Gryski Sent: Tuesday, March 26, 2002 1:58 AM To: d

Re: (A little OT) Introduction to cryptography

2002-03-25 Thread Damian M Gryski
On Mon, 25 Mar 2002, Winfried M. Thalmeier wrote: > > Hi, I have been studying crypto systems for awhile now and it seems that the > > best resource on the subject bar none is APPLIED CRYPTOGRAPHY written by > > Bruce Schneier 2nd Edition has copious code examples and excellent easy to > > underst

Security problem in PHP3+Postgres with Potato?

2002-03-25 Thread Benoît Sibaud
Hi, I think I found a security problem in PHP3+postgres+apache shipped with Potato. Correct me if I'm wrong, but the following code should support any $var. If you uncomment the client_encoding line, I'm able to execute any request I want with the good $var. %<-- $c

RE: Security problem in PHP3+Postgres with Potato?

2002-03-25 Thread Gergely Trifonov
-Original Message- From: Benoît Sibaud [mailto:[EMAIL PROTECTED]] Sent: Monday, March 25, 2002 4:55 PM To: [EMAIL PROTECTED] Subject: Security problem in PHP3+Postgres with Potato? > What's the normal way to make a security bug report? apt-get install bug ___

RE: (A little OT) Introduction to cryptography

2002-03-25 Thread Scott Jardine
Hi, I'd just like to point out that every time I think of the book Applied Cryptography I always think of swarms of bacteria and weird conspiracies :) -Original Message- From: Damian M Gryski [mailto:[EMAIL PROTECTED]] On Behalf Of Damian M Gryski Sent: Tuesday, March 26, 2002 1:58 AM To:

Re: (A little OT) Introduction to cryptography

2002-03-25 Thread Gustavo Franco
On Fri, 23 Mar 2001 13:50:54 +0100 "Philippe Seidel" <[EMAIL PROTECTED]> wrote: > Hi all, > > As you are the only security-related list I'm subscribed to and > cryptography has something to do with security, I'm directing this > question to this list. > [...] Hi Philippe, I'm reading 'Cryptograp

Re: (A little OT) Introduction to cryptography

2002-03-25 Thread Winfried M. Thalmeier
Scott Jardine wrote: > > Hi, I have been studying crypto systems for awhile now and it seems that the > best resource on the subject bar none is APPLIED CRYPTOGRAPHY written by > Bruce Schneier 2nd Edition has copious code examples and excellent easy to > understand explanation of practically al

Re: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Blars Blarson
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >What's the best way to figure >out the admin for a subnet from a machine's IP? As others have pointed out, whois is the normal tool to do it, but they forgot to mention the complexities you get with servers pointing to each other and somet