[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Conclusion of "Is this coincidence or what - FTP Scans"

Subject: [cobalt-security] Conclusion of "Is this coincidence or what - FTP Scans"
From: "Render-Vue" <sales@xxxxxxxxxxxxxx>
Date: Wed, 17 Oct 2001 23:39:52 +1300
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Thanks for everyone's input to the fact that syslogd was restarted prior and
after the scans to FTP.

I had realised that there is the same data in the security violations and
the Unusual System Events, but just wanted to make sure that my findings and
conclusions were correct :> and I had nothing to worry about.

To carry on what other people have been saying the scans from
dip.t-dialin.net and abo.wanadoo.fr happen to our servers on a daily basis
and on every occasion we contact them - not to bitch about it but to tell
them that someone on their network is scanning or attempting to access our
server and can they take the appropriate action...this has been going on for
months now and not one acknowledgement or one email saying yes the offender
has been warned or their account cancelled.

I know they haven't breached the server but as someone mentioned it does get
annoying seeing the same network and IP's coming up...what do you do if the
ISP can't take matters like this seriously :<

Anyway thanks again for the replies

Regards from Auckland

Chae

Follow-Ups:
- Re: [cobalt-security] Conclusion of "Is this coincidence or what - FTP Scans"
  - From: Gerald Waugh
- Re: [cobalt-security] Conclusion of "Is this coincidence or what - FTP Scans"
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] Logcheck
Next by Date: [cobalt-security] process quota
Previous by thread: Re: [cobalt-security] Logcheck
Next by thread: Re: [cobalt-security] Conclusion of "Is this coincidence or what - FTP Scans"

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index