> I have trouble believing someone would go to the trouble of collecting > compromised hosts and then waste them stealthily scanning for > vulnerabilities which even inattentive admins are likely to have patched > and will trigger any halfway decent IDS but a quick google didn't turn up > anything much. > Does anyone know what might be causing this? People do collect infected hosts for use with ddos nets or machines to bounce from. I still get valid code red hits almost daily which means alot of people still haven't patched. I would find it very probable someone is collecting infected/backdoored hosts for use in a ddos. Its very easy to upload a trojan and gain full access to these machines so I don't understand why people wouldn't be scanning. - zenoat_private > > Chris > > > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 25 2002 - 13:27:41 PST