I got hit early sunday morning by this guy:
Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jan 23 08:11:17 localhost portsentry[587]: attackalert: Connect from host:
1Cust249.tnt20.chi5.da.uu.net/63.20.110.249 to UDP port: 31337
Jan 23 08:11:17 localhost portsentry[587]: attackalert: Host 63.20.110.249 has been
blocked via wrappers with string: "ALL: 63.20.110.249"
Jan 23 08:11:17 localhost portsentry[587]: attackalert: Host 63.20.110.249 has been
blocked via dropped route using command: "/sbin/ipchains -I input -s 63.20.110.249 -j
DENY -l"
Portsentry caught him.
On Thu, 27 Jan 2000, Sean Clarke wrote:
> Be warn this hostname/ip have been causing me alot of grief.
>
> TCP Wrappers: Connection Refused
> By: neptune.tzo.cc
> Process: in.ftpd (pid 4714)
>
> User: unknown
> Host: 1Cust190.tnt1.iowa-city.ia.da.uu.net
> Date: Wed Jan 26 16:35:20 PST 2000
>
>
>
> -----------------------------------------------------------------
> Sean Clarke
> Network / Systems Support Manager
> Cashline ABM Inc. / CyberNet Computer Services
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
> "The best remote administration tool for Windows-NT is a car ..."
> -----------------------------------------------------------------
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
Steve Gulick, Cornerstone Development, LLC.
[EMAIL PROTECTED]
AIM: gulicksteve
Voice (203) 855-1501
Fax (203) 838-9597
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
