** Reply to message from "Burke, Thomas G."
<[EMAIL PROTECTED]> on Mon, 2 Oct 2000 07:46:20 -0400
> I've been getting Back Orifice attempts from this machine for a couple of
> days... Doing all the whois, etc, gives me the Vatican, except that this IP
> is not one of theirs. A traceroute seems to imply that it's coming from
> somewhere in UAE, except that a lot of the steps in between show bogus
> rDNS...
>
> Can someone help me, please?
>
> Thanks
>
> Logs folow:
>
> Sep 30 09:07:01 tomii kernel: Packet log: input DENY ppp0 PROTO=17
> 212.77.194.130:31338 209.122.117.221:31337 L=47 S=0x00 I=26403 F=0x0000 T=46
> (#23)
Be thankful your firewall is stopping them. Looks like these cretins
know how to cover up their tracks. Doubt you could sniff them out
without some dedicated manpower.
Jack Bowling
Prince George, BC
mailto:[EMAIL PROTECTED]
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
