Hi, Listed below are the 256 unique hosts who have so far apparently attempted to use default.ida to compromise my systems: 06-064.008.popsite.net 141.31.147.21 143.107.77.6 154.11.201.8 165.112.74.7 165.254.113.251 166.142.182.155 167-zara-x13.libre.retevision.es 192.58.248.133 193.105.52.7 193.122.42.130 193.127.39.202 193.159.182.67 193.165.173.83 193.251.156.122 193.72.209.131 194.123.64.93 194.158.29.148 194.219.244.188 194.52.62.45 194.79.169.7 194.79.198.121 199.103.239.219 200.24.4.229 200.255.249.225 202.101.100.208 202.133.134.225 202.156.0.10 202.212.96.139 202.234.61.221 202.64.221.210 202.76.88.130 203.227.204.203 206.107.98.66 206.233.202.90 206.234.124.19 207.137.149.152 207.68.188.26 207.68.190.207 208.132.198.200 208.62.21.114 209-63-189-128.sea.jps.net 209.104.180.155 209.171.214.100 209.236.171.42 209.241.255.18 209.250.20.70 209.98.92.1 210.103.159.4 210.103.161.143 210.111.5.75 210.116.116.144 210.122.82.33 210.126.141.232 210.129.168.15 210.15.13.252 210.176.42.145 210.184.40.49 210.201.73.170 210.242.157.253 210.242.180.76 210.52.222.248 210.52.252.109 211.163.53.18 211.193.49.89 211.21.250.210 211.42.183.123 211.57.110.13 211.72.72.144 212.154.23.98 212.234.28.25 212.58.14.190 212.62.14.172 213-99-120-81.uc.nombres.ttd.es 213.188.95.37 213.219.48.181 213.238.130.210 213.69.108.242 213.82.131.140 217.58.179.166 38.138.109.183 38.139.17.31 38.144.193.39 38.150.127.225 38.161.199.157 38.164.93.49 38.170.183.226 38.193.198.66 38.196.141.213 38.232.214.200 38.240.119.21 61-216-24-230.hinet-ip.hinet.net 61-216-26-74.hinet-ip.hinet.net 61-216-5-17.hinet-ip.hinet.net 61-216-91-233.hinet-ip.hinet.net 61-217-108-91.hinet-ip.hinet.net 61-217-212-215.hinet-ip.hinet.net 61-218-112-116.hinet-ip.hinet.net 61.120.66.245 61.129.112.62 61.133.78.103 61.140.118.193 61.140.71.101 61.140.90.95 61.141.gd.cn 61.142.132.132 61.158.61.212 61.164.230.194 61.170.138.142 61.182.69.223 61.216.125.164 61.32.250.98 62-50-1-127.adam.psi.com 62.110.67.10 62.40.13.49 62.46.249.221 62.46.254.176 62.47.12.130 63.170.162.11 63.171.233.17 64.152.192.228 64.159.92.145 64.213.159.86 65.169.208.15 65.194.146.14 66-42-92-33.stkn.dialup.shasta.com 98warp110.newtel.com a165-173.netpoly.net a213-84-34-220.adsl.xs4all.nl adsl-138-89-91-11.nnj.adsl.bellatlantic.net adsl-63-203-40-5.dsl.snfc21.pacbell.net adsl-65-64-192-245.dsl.rcsntx.swbell.net adsl-65-67-190-90.dsl.rcsntx.swbell.net adsl-66-120-176-78.dsl.sntc01.pacbell.net adsl-stati-rmki-27.globetrotter.net afontenayssb-103-1-3-206.abo.wanadoo.fr alille-201-1-1-118.abo.wanadoo.fr alille-203-1-1-216.abo.wanadoo.fr arc10x119.kcnet.com ast-lambert-101-1-4-87.abo.wanadoo.fr astrasbourg-201-1-5-164.abo.wanadoo.fr barz98so239001.cip.sowi.uni-bamberg.de c224137.ap.plala.or.jp ca10040870-f.toro1.na.psigh.com cajun02-port01.cajunnet.com carriker57-51.qni.com cleartrac1.xs4all.nl clt56-120-034.carolina.rr.com cp48024-a.mill1.lb.nl.home.com cpfcu.com cs2416760-125.houston.rr.com cs6625141-225.austin.rr.com cs6668144-51.austin.rr.com cs6668160-198.austin.rr.com cstrike.kdupg.edu.my cx1205316-d.cv1.sdca.home.com dial-218.211.denco.rmi.net dial-90.90.cosco.rmi.net dial-c1-access-161.dockpoint.net dialup-64.156.152.91.dial1.losangeles1.level3.net dialup16-11.telenet.net dyn-078.loisirquebec.qc.ca ed111.eastnet.ecu.edu emscoet.apk.net esk-exch.eskandar.com exchange.intelli.no formazione.irsa.net ftp.firstebusiness.co.uk h16-210-64-128.greatweb.net.tw h66-59-186-161.gtconnect.net host-209-214-53-134.mgm.bellsouth.net host-209-214-53-90.mgm.bellsouth.net host-209-214-68-97.atl.bellsouth.net host197.pcplus.com host217-32-135-66.hg.mdip.bt.net host217-32-148-19.hg.mdip.bt.net host217-32-158-230.hg.mdip.bt.net host217-34-91-96.btopenworld.com host62-6-122-81.host.btclick.com hse-toronto-ppp3487556.sympatico.ca integrityds.com ip25.selena.kherson.ua ip623.boanxx6.adsl.tele.dk ip73.indianapolis14.in.pub-ip.psi.net joyce.apis.com.tw kelkoo4.zoomit.com kim-bs.de kor051.kohrman.wmich.edu m283p010.dipool.highway.telekom.at marlboro.digitinc.co.jp n005.bellac.co.jp n354p021.adsl.highway.telekom.at neon1.vb.cbs.nl node-64-249-79-104.dslspeed.zyan.com ool-18bada5b.dyn.optonline.net p0096.spl.euronet.nl p3e9ba7a6.dip.t-dialin.net p3e9bf45c.dip.t-dialin.net p3e9d557b.dip.t-dialin.net p3e9e1111.dip.t-dialin.net p3e9ec375.dip.t-dialin.net p3ee03e5a.dip.t-dialin.net p3ee04537.dip.t-dialin.net p3ee24e24.dip.t-dialin.net p3ee29c1a.dip.t-dialin.net pandora-qe0.wits.ac.za pd900217a.dip.t-dialin.net pd90055af.dip.t-dialin.net pd900c742.dip.t-dialin.net pd900f195.dip.t-dialin.net pd9028127.dip.t-dialin.net pd902a53a.dip.t-dialin.net pd9501f38.dip.t-dialin.net pd9502576.dip.t-dialin.net pd9510dbd.dip.t-dialin.net pd95153f6.dip.t-dialin.net pd9519318.dip.t-dialin.net pd9525961.dip.t-dialin.net pd9525ad9.dip.t-dialin.net pd955c387.dip.t-dialin.net pd95876c6.dip.t-dialin.net pd9e20897.dip.t-dialin.net pd9e48f3c.dip.t-dialin.net pd9e60e79.dip.t-dialin.net pm4-36.cyg.net pool0739.cvx20-bradley.dialup.earthlink.net ppp009.ts.co.nz pubs.cals.arizona.edu puser409.hn.ah163.net qdialup103.phnx.uswest.net qtweb.financialtec.com quickmail.luxmodernis.com r209-47-dsl.sea.lightrealm.net ras5-p145.jlm.netvision.net.il roanoke1-ubr2-4-hfc-0251-d1da5c67.rdc1.va.coxatwork.com server1.moneypros.com smtp.medfoci.com spadenet8.spade.net swentapp002.swchsc.on.ca sys55.jobsite.co.uk toulouse-1-a7-41-20.dial.proxad.net user-1120jdo.dsl.mindspring.com user-2ivf8nu.dialup.mindspring.com user-38ldmgi.dialup.mindspring.com useraf95.uk.uudial.com va-charlottesville3a-849.chr.adelphia.net wbkfs.wbk.uni-karlsruhe.de www.guycarp.com www.integratedvisions.com www.ouchi.ne.jp www.recoveryplanner.com www.sepak-bola.cache.twimm.net www.stfrancissd.com www.valry.fi zaphod.joe.de zlatoust.ijs.si Thanks, -- Sean Kelly ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jul 22 2001 - 13:00:58 PDT