black hat .cn networks
justin at interaccess.com
Mon May 7 19:39:08 UTC 2001
> The past week i've seen attacks increase 5-fold, mostly 111/udp attacks
> mixed with some lpr and ftp on the side. Also lots of http scanning, which
> I havent seen in quite a while.
Yep, I'd seen them try port 111 scans as well from different hosts, but
since I never run RPC services, they didn't get anything off those. I
usually don't run http services either, but in this case got caught with my
pants down on a temporary exception. I was a few versions behind on apache,
however, as I just found out, which I'm sure didn't help the situation.
Well, back to the autopsy.
Take care and be well.
More information about the NANOG