[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] hacked - please help! - my server scans port 53 on serval nets
- Subject: [cobalt-security] hacked - please help! - my server scans port 53 on serval nets
- From: "Armin Baldemair @ ARMIXnetworks.com" <armin.baldemair@xxxxxxxxxxxxxxxxx>
- Date: Sat, 30 Nov 2002 13:28:20 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
hi,
two days ago i got some mails that my server scans serveral networks for
dns-port 53.
i saw in the apache-log that there are attacks aginst iis in the same time.
so i think anybody hacked me..
i read in the list that there are hacks called "trinity ddos" which uses
port 53 to communicate?
knows anybody help for me? i don't want to reinstall the server because
there are many customers of my company on this and the server is housed in
germany.
im running a raq3 with the software of raq4.
should i update my os-sftware? (the last time i did the server crashed and i
had to reinstall it, so in only installed "RaQ4-All-Security Release
1.0.1-8762".)
thanks for any help!
armin baldemair
armin.baldemair@xxxxxxxxxxxxxxxxx
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.423 / Virus Database: 238 - Release Date: 25.11.2002