[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Is this coincidence or what - FTP Scans

Subject: [cobalt-security] Is this coincidence or what - FTP Scans
From: "Render-Vue" <sales@xxxxxxxxxxxxxx>
Date: Wed, 17 Oct 2001 12:34:40 +1300
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Yah,

This is a snip from one of the logcheck reports I received this morning
xxxxxxxxxx being the IP's on our server. Is it just a coincidence that the
syslogd was activated before and after attempts to access the server via
FTP?

Security Violations
=-=-=-=-=-=-=-=-=-=
Oct 16 04:40:59 ns proftpd[3305]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:40:59 ns proftpd[3308]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:41:03 ns proftpd[3309]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:41:03 ns proftpd[3315]:xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Oct 16 04:40:08 ns syslogd 1.3-3: restart.
Oct 16 04:40:59 ns proftpd[3305]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:40:59 ns proftpd[3308]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:40:59 ns proftpd[3305]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - FTP session closed.
Oct 16 04:41:03 ns proftpd[3308]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - FTP session closed.
Oct 16 04:41:03 ns proftpd[3309]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:41:03 ns proftpd[3315]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - USER anonymous (Login failed):
Can't find user.
Oct 16 04:41:04 ns proftpd[3309]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - FTP session closed.
Oct 16 04:41:04 ns proftpd[3315]: xxxxxxxxxx
(pD9526130.dip.t-dialin.net[217.82.97.48]) - FTP session closed.
Oct 16 04:41:29 ns syslogd 1.3-3: restart.

Regards from Auckland

Chae

Follow-Ups:
- RE: [cobalt-security] Is this coincidence or what - FTP Scans
  - From: Tim Lawson
- Re: [cobalt-security] Is this coincidence or what - FTP Scans
  - From: Stephen Rice

Prev by Date: RE: [cobalt-security] Secureing cobalt Raq3
Next by Date: RE: [cobalt-security] Is this coincidence or what - FTP Scans
Previous by thread: RE: [cobalt-security] Logcheck & Crontab
Next by thread: RE: [cobalt-security] Is this coincidence or what - FTP Scans

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index