incidents 2002/03
By Subject

149 messages sorted by: [ author ] [ date ] [ thread ]
Other mail archives

Starting: Thu Feb 28 2002 - 14:28:38 PST
Ending: Mon Apr 01 2002 - 16:43:04 PST

"Nimda"?
- Greg Williamson (Thu Feb 28 2002 - 13:28:16 PST)
- Nick FitzGerald (Thu Feb 28 2002 - 14:05:44 PST)
A new hack tool - tcp port 3139 ?
- METE.EMINAGAOGLUat_private (Fri Mar 15 2002 - 14:49:42 PST)
- METE.EMINAGAOGLUat_private (Fri Mar 15 2002 - 11:24:32 PST)
Analysis of litmus backdoor trojan
- John C. Hennessy (Tue Mar 12 2002 - 06:37:10 PST)
AW: nouser - rootkit ?
- Rob McCauley (Tue Mar 12 2002 - 08:55:59 PST)
- vogtat_private (Tue Mar 12 2002 - 01:21:27 PST)
Bug#137492: PAM pam_set_item: NULL pam handle passed
- Matt Zimmerman (Sat Mar 09 2002 - 09:21:24 PST)
Compromised - Port 1524
- blazin w (Wed Mar 06 2002 - 18:46:54 PST)
- switched (Wed Mar 06 2002 - 14:19:52 PST)
- Jose Miguel Varet (Wed Mar 06 2002 - 14:53:36 PST)
- Hines, Eric (Wed Mar 06 2002 - 11:48:10 PST)
different, nimda like, probes
- Russell Fulton (Thu Mar 21 2002 - 16:07:24 PST)
DoS yesterday
- Dmitri Smirnov (Tue Mar 26 2002 - 13:24:00 PST)
Email Relay Searches
- Allen Smith (Fri Mar 29 2002 - 21:21:58 PST)
- Pat Moffitt (Fri Mar 29 2002 - 08:15:03 PST)
Excess SMTP traffic to non-mail host
- NESTING, DAVID M (SBCSI) (Wed Mar 27 2002 - 08:51:11 PST)
- Chris Wilkes (Wed Mar 27 2002 - 08:56:37 PST)
- dr john halewood (Wed Mar 27 2002 - 08:41:06 PST)
- Basil Hussain (Wed Mar 27 2002 - 04:10:39 PST)
FTP back in Vogue?
- John Rodley (Wed Mar 13 2002 - 18:49:52 PST)
- switched (Wed Mar 13 2002 - 12:49:00 PST)
- Nathan W. Labadie (Wed Mar 13 2002 - 12:44:13 PST)
- leon (Wed Mar 13 2002 - 11:59:29 PST)
fun with posiden rootkit
- Dave Dittrich (Mon Mar 25 2002 - 23:36:33 PST)
- Skip Carter (Mon Mar 25 2002 - 14:48:10 PST)
- Alvin Oga (Mon Mar 25 2002 - 13:44:56 PST)
- Olaf Schreck (Mon Mar 25 2002 - 11:01:35 PST)
FYI - slow scans for https...
- Erik Fichtner (Mon Mar 04 2002 - 11:38:55 PST)
- Andreas Östling (Mon Mar 04 2002 - 01:16:36 PST)
- Hugo van der Kooij (Mon Mar 04 2002 - 02:07:08 PST)
- Russell Fulton (Sun Mar 03 2002 - 13:30:50 PST)
HTTPS scans
- H C (Mon Mar 11 2002 - 10:57:11 PST)
- Kurt Seifried (Mon Mar 11 2002 - 11:20:45 PST)
- Keith T. Morgan (Mon Mar 11 2002 - 09:53:49 PST)
I think I've been hacked...please help!
- Ryan Russell (Sun Mar 31 2002 - 22:05:52 PST)
- Joe Warner (Sat Mar 30 2002 - 07:51:27 PST)
increase in ftp scanning
- Ryan Hill (Tue Mar 05 2002 - 09:48:04 PST)
- Benninghoff, John (Tue Mar 05 2002 - 07:44:58 PST)
- Baribault, Gary (Tue Mar 05 2002 - 05:40:33 PST)
- Dragos Ruiu (Mon Mar 04 2002 - 18:24:19 PST)
- adminat_private (Tue Mar 05 2002 - 06:56:59 PST)
- quentynat_private (Mon Mar 04 2002 - 04:15:34 PST)
increase in scans for RPC
- Dan Irwin (Wed Mar 20 2002 - 16:28:31 PST)
- Todd Suiter (Tue Mar 19 2002 - 16:11:32 PST)
increase in smb scans
- Nathan W. Labadie (Fri Mar 15 2002 - 06:39:27 PST)
- Hugo van der Kooij (Fri Mar 08 2002 - 14:41:59 PST)
- Lee Ayres (Fri Mar 08 2002 - 15:13:05 PST)
- Nathan W. Labadie (Fri Mar 08 2002 - 06:06:37 PST)
Increase in squid scanning...
- David Jacoby (Mon Mar 11 2002 - 02:00:36 PST)
- Baribault, Gary (Tue Mar 05 2002 - 10:08:15 PST)
- switched (Tue Mar 05 2002 - 08:36:26 PST)
Keylogger Needed Quick!
- Tom Kapanka (Thu Mar 14 2002 - 15:06:54 PST)
- Seth Arnold (Tue Mar 12 2002 - 11:43:18 PST)
- Luis Bruno (Tue Mar 12 2002 - 05:02:56 PST)
- Tom Kapanka (Mon Mar 11 2002 - 16:00:38 PST)
Large Attack
- Passion (Fri Mar 01 2002 - 20:06:56 PST)
Logon Banners
- Rohrer, Mark E (Sat Mar 23 2002 - 09:20:38 PST)
- Chris Wilson (Sat Mar 23 2002 - 05:38:51 PST)
- Hugo van der Kooij (Sat Mar 23 2002 - 01:12:44 PST)
- Led Slinger (Fri Mar 22 2002 - 23:42:05 PST)
- Chris Ricker (Fri Mar 22 2002 - 23:04:08 PST)
- leon (Fri Mar 22 2002 - 21:17:53 PST)
Major DNS cache poisoning at Verisign/WorldNIC
- Brian McWilliams (Wed Mar 20 2002 - 10:17:54 PST)
- Matthew F. Caldwell (Tue Mar 19 2002 - 11:18:56 PST)
ncacn_http/1.0
- cw (Thu Mar 07 2002 - 13:00:14 PST)
network mystery
- network-questionsat_private (Tue Mar 26 2002 - 16:24:38 PST)
New Nimda?
- Steve (Thu Mar 07 2002 - 18:45:15 PST)
- Bradley, Tony (Thu Mar 07 2002 - 11:47:38 PST)
nouser - rootkit ?
- Eric Brandwine (Tue Mar 12 2002 - 08:32:51 PST)
- Jose Nazario (Tue Mar 12 2002 - 13:54:55 PST)
- Bill_Roydsat_private (Tue Mar 12 2002 - 09:10:02 PST)
- Kyle R Maxwell (Tue Mar 12 2002 - 11:08:06 PST)
- Brian Hatch (Mon Mar 11 2002 - 19:45:50 PST)
- Eric Brandwine (Mon Mar 11 2002 - 17:08:14 PST)
- Dave Dittrich (Mon Mar 11 2002 - 23:33:39 PST)
- Bruce Ediger (Mon Mar 11 2002 - 19:26:00 PST)
- Konrad Rieck (Mon Mar 11 2002 - 14:59:59 PST)
- Ryan Russell (Mon Mar 11 2002 - 12:41:07 PST)
- Eric Brandwine (Mon Mar 11 2002 - 09:57:38 PST)
nouser - rootkit ? [:multiple root kit thread:]
- Dan Rohan (Tue Mar 12 2002 - 09:26:59 PST)
Odd activity
- Kelly Martin (Sat Mar 30 2002 - 16:30:19 PST)
ORBZ shut down
- Brad Arlt (Wed Mar 20 2002 - 15:53:06 PST)
- jlewisat_private (Wed Mar 20 2002 - 09:19:04 PST)
- David Ulevitch (Tue Mar 19 2002 - 23:25:25 PST)
Port 1900/5000 connection attempts
- cambriaat_private (Thu Mar 21 2002 - 20:28:50 PST)
Port UDP 3049
- Thomas Akin (Wed Mar 13 2002 - 21:58:54 PST)
- Ryan Russell (Mon Mar 11 2002 - 08:39:19 PST)
- Paulo.Sedrezat_private (Mon Mar 11 2002 - 04:17:42 PST)
- Ryan Russell (Sat Mar 09 2002 - 15:40:37 PST)
Probes to strange ports
- H C (Wed Mar 06 2002 - 18:42:46 PST)
- Kinsey, Robert (Wed Mar 06 2002 - 16:24:09 PST)
- Kenneth Wilson (Wed Mar 06 2002 - 15:34:07 PST)
Question about HTTP DDOS attacks.
- Kyle R. Hofmann (Mon Mar 18 2002 - 10:26:35 PST)
- Hugo van der Kooij (Sun Mar 17 2002 - 22:42:47 PST)
- eaxat_private (Fri Mar 15 2002 - 20:13:27 PST)
Rcon trojan
- H C (Tue Mar 05 2002 - 05:38:07 PST)
- H C (Mon Mar 04 2002 - 17:53:32 PST)
- Tom Gerritsen (Mon Mar 04 2002 - 14:39:04 PST)
- Hugo van der Kooij (Mon Mar 04 2002 - 14:16:20 PST)
- Owen Creger (Mon Mar 04 2002 - 09:08:00 PST)
RemoteNC backdoors, attacks via ports 1433, 524, 139, 445, 21, destroyed files
- James McGee (Wed Mar 13 2002 - 16:28:52 PST)
- switched (Wed Mar 13 2002 - 11:59:29 PST)
- bukysat_private (Wed Mar 13 2002 - 10:07:29 PST)
Rise in spoofing and smurfing?
- Stuart Sheldon (Fri Mar 01 2002 - 09:16:01 PST)
RTCW?
- vogtat_private (Mon Mar 11 2002 - 03:30:41 PST)
- Mark Spencer (Sun Mar 10 2002 - 08:14:38 PST)
Sendmail DOS ?
- Hugo van der Kooij (Wed Mar 27 2002 - 13:43:27 PST)
- Steve Halligan (Wed Mar 27 2002 - 13:12:49 PST)
- Micheal Patterson (Wed Mar 27 2002 - 09:06:24 PST)
- Ken Lyon (Wed Mar 27 2002 - 09:15:13 PST)
- Fragga (Wed Mar 27 2002 - 02:30:37 PST)
Sloppy compromise
- switched (Wed Mar 13 2002 - 09:23:47 PST)
SMTP Probe/Attack?
- Patrick Andry (Mon Mar 11 2002 - 08:32:13 PST)
Solaris hack
- Christopher Samuel (Mon Mar 04 2002 - 02:36:12 PST)
ssh exploit
- Lee Evans (Thu Mar 14 2002 - 15:10:04 PST)
- Lee Evans (Thu Mar 14 2002 - 11:12:47 PST)
sshd: PAM pam_set_item: NULL pam handle passed
- Matt Zimmerman (Sat Mar 09 2002 - 09:06:46 PST)
- Chris Faulhaber (Fri Mar 08 2002 - 15:30:46 PST)
- Tina Bird (Fri Mar 08 2002 - 16:16:23 PST)
- Matt Zimmerman (Fri Mar 08 2002 - 16:04:15 PST)
- Matt Zimmerman (Thu Mar 07 2002 - 19:29:32 PST)
strange UDP 5400 traffic
- ipfwat_private (Sat Mar 30 2002 - 05:32:56 PST)
- Maarten (Fri Mar 29 2002 - 10:15:41 PST)
Stray UDP activity?
- Jim Watt (Fri Mar 08 2002 - 14:59:26 PST)
- sheib (Fri Mar 08 2002 - 05:31:00 PST)
Sub7 (SubSeven), Win2k, and IE 5.5
- H C (Wed Mar 20 2002 - 13:27:39 PST)
- Kirk Schafer (Wed Mar 20 2002 - 11:39:53 PST)
Suspect short first fragment?
- Boyan Krosnov (Thu Feb 28 2002 - 23:56:33 PST)
Update: UDP 770 Potential Worm
- H C (Mon Mar 04 2002 - 05:12:09 PST)
- Byrne Ghavalas (Fri Mar 01 2002 - 23:48:12 PST)
- H C (Sat Mar 02 2002 - 06:43:50 PST)
- H C (Fri Mar 01 2002 - 20:21:12 PST)
- Byrne Ghavalas (Fri Mar 01 2002 - 15:16:53 PST)
very interesting 0day tool... http honeypot in action
- Michal Zalewski (Wed Mar 13 2002 - 06:54:53 PST)
- zeno (Tue Mar 12 2002 - 10:23:59 PST)
- Michal Zalewski (Tue Mar 12 2002 - 08:17:26 PST)
watching them -after the fact
- zeno (Tue Mar 26 2002 - 06:23:01 PST)
- Alvin Oga (Sun Mar 24 2002 - 23:11:37 PST)
We have lots of users with SonicWalls for VPN connectivity in to FW-1, possible major security hole
- Mark J. DeFilippis (Fri Mar 08 2002 - 10:14:10 PST)
Weird log entries...
- John Hartley (Thu Mar 28 2002 - 06:13:00 PST)
- Michael Ward (Thu Mar 28 2002 - 06:55:18 PST)
- Cushing, David (Thu Mar 28 2002 - 06:25:13 PST)
- Florian Weimer (Thu Mar 28 2002 - 06:22:20 PST)
- Kelly Martin (Thu Mar 28 2002 - 05:47:07 PST)
- zeno (Thu Mar 28 2002 - 05:21:51 PST)
- Josh Diakun (Thu Mar 28 2002 - 02:06:33 PST)
{MERIT-INP} 7.0.1.0 -> 14.0.2.13
- Valdis.Kletnieksat_private (Fri Mar 22 2002 - 12:46:13 PST)
- seren geti (Fri Mar 22 2002 - 10:29:56 PST)

Last message date: Mon Apr 01 2002 - 16:43:04 PST
Archived on: Mon Apr 01 2002 - 16:43:13 PST

149 messages sorted by: [ author ] [ date ] [ thread ]
Other mail archives

This archive was generated by hypermail 2b30 : Mon Apr 01 2002 - 16:43:13 PST

incidents 2002/03By Subject

incidents 2002/03
By Subject