Hosting Provided By

Re: ftp server compromised

From: psion <psion(at)gamers-utopia.com>
Date: Thu Feb 13 2003 - 01:52:56 EST

Although I can't say much for the "I have disabled anonymous ftp" part.. I can however tell you that this common and known as pubbing in the warez comunity. This activity depicts scanning a range of IPs for FTPs that allow anon login.

This is, of course, assuming you have no services running that are easily exploitable. If you do, chances are greater that a root kit was used, which can be nasty depending on which one was used.

Original Message ----- From: <rbelchez@show-net.net> To: <incidents@securityfocus.com> Sent: Wednesday, February 12, 2003 8:20 PM Subject: ftp server compromised

>
>
> Dear All,

--

> This list is provided by the SecurityFocus ARIS analyzer service.




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: 
http://aris.securityfocus.com

Received on Thu Feb 13 13:09:44 2003

This message: [ Message body ]
Next message: Alexander Reelsen: "webserver probes for php detection"
Previous message: Denis Dimick: "RE: ftp server compromised"
In reply to: rbelchez(at)show-net.net: "ftp server compromised"
In reply to Mark E. Donaldson: "RE: ftp server compromised"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:58 EDT