Yes, matter of fact i have and i can tell you why... Recently i was bored. So i decided to delete alot my virus scanner, firewalls, and my IDS. And i also opened up my file and print shares.(running windows95) With in 15 minutes I could no longer surf the net. I am running a 28.8(Don't give me this 56ks are cheap talk) So i opened up file/search i had some new *programs* on my computer. It scans for subseven. I also noticed that i had a connection on port 6667 (irc) Ip address 66.26.92.28. But anyways i tried connecting to this server. i did and... There was NO Channels. but like 324 users on it... So i'm imagining that is 324 compromised systems(?) I also let the program run a while (sorry guys) to find out if someone would connect over Subseven. no one ever did though, even though i had it on my system. I still have all the programs on this system i just have a firewall not letting them get through. If anyone wanted to look into the programs that i have... I'd be happy to send them the files. Just send me an email. One of them is the program that they use to communicate to the IRC channel and you very well know the other. Brice Carlson > >Anyone notice an increase in port scans to 27374 in the last week? I >noticed several, all from different addresses. > >Leon > >---------------------------------------------------------------------------- >This list is provided by the SecurityFocus ARIS analyzer service. >For more information on this free incident handling, management >and tracking system please see: http://aris.securityfocus.com > _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 07:21:26 PST