Hello, my toaster is connected at 192.168.5.44 and it was hax0red. My
social security number is 275-53-4678, and my favorite color is blue.
How pointless is this mail-list?
/paxil
>
>
> Nanog; fyi.
>
> APNIC / Excite / Home.net -
>
> We have an ftp site running on 209.123.52.40 that is made writable at
> certain periods of time for anonymous users. Some of our customer's
systems
> are programmed to send in bug reports, problem programs, etc at these
times.
> One of these periods of time was this past Friday (4/20/01) from 6pm EST
to
> Saturday afternoon at Noon. In that time period, a couple of hundred
megs
> of movies / warez / crap was dropped onto the ftp site, and then the
people
> that were (I presume) loading up the site got cut off.
>
> Not only did the violator from 203.164.51.0/24 store illegal information
on
> our ftp site, they also deleted everything that existed. Not anyone's
fault
> there but our own, and no problem since there were backups, but just fyi
> that this stuff is happening out there from the reported networks.
>
> Here's some information I collected from a .htaccess file in one of the
> directories that these <insert explative here> left.
>
> <Limit GET>
> order allow,deny
> deny from 141.201.222.
> deny from 24.141.20.
> deny from 24.141.36.
> deny from 65.1.50.
> .
> . Bunch of Denies
> .
> allow from 203.164.51.
> deny from 203.164.3.
> deny from 62.30.0.
> .
> . Bunch of Denies
> .
> allow from all
> </Limit>
>
>
>
> I run Portsentry on my FreeBSD firewall, which caught and denied this:
> 987814775 - 04/20/2001 20:59:35 Host: www.uov.net/209.37.153.6 Port: 515
TCP