Date: Thu, 27 Dec 2001 22:33:34 -0500 (EST) From: Jerome Jahnke <jahnke@tormenta.com> To: Peter Ong <peter@haloflightleader.net> Cc: "Julien B." <jbe@cpu.ath.cx>, freebsd-stable@FreeBSD.ORG Subject: Re: Trying NT Hacks Message-ID: <Pine.BSF.4.21.0112272224340.95654-100000@dsl092-161-075.wdc1.dsl.speakeasy.net> In-Reply-To: <018901c18f4c$22402480$0101a8c0@haloflightleader.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I think they just start from their own IP number and work their way up and down. I still use dialup, my router dials in and connects my network. I have a small job which lets me know what IP Address my network is on and I only let port 80 through my firewall. I still get 10 or so of these a day. Very often they are from same top level IP space as my dialup provider, which tends to make me think the sowftware was written to start with it's own address and work it way out. Jer, On Thu, 27 Dec 2001, Peter Ong wrote: > Really... I just wonder how they figure out the IPs, other than randomly > guessing. Someone did mention that, and I guess there really aren't that > many IP addresses that a computer could randomly generate in a short amount > of time without covering the whole spectrum. > > Peter > ----- Original Message ----- > From: "Julien B." <jbe@cpu.ath.cx> > To: "Peter Ong" <peter@haloflightleader.net> > Cc: <freebsd-stable@FreeBSD.ORG> > Sent: Thursday, December 27, 2001 6:57 PM > Subject: Re: Trying NT Hacks > > > > On Thu, Dec 27, 2001 at 06:39:58PM -0800, Peter Ong wrote: > > > I don't know what it is with some people. I post my site here today > because > > > I was wondering about why the initial page was gibberrish, and then I > get > > > crackers. I finally get home, and I'm reviewing my log files, and I'm > > > seeing some folks trying to use IIS/NT exploits on my FreeBSD machine. > It's > > > infuriating. > > > > > > > My logs are full of these too, and getting bigger and bigger everyday. > Most of > > these "attacks" comes from some Windows worms. I'm totally amazed through, > as > > i get one such connection every 10 minuts, and my web server is not even > > public. > > > > Regards > > > > Julien B > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0112272224340.95654-100000>