Incidents Mode:
(Page 7 of 170)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
Anyone have a reason for 2x the email flow today? 2007-12-03
Dude VanWinkle (dudevanwinkle gmail com) (1 replies)
My servers are slammed...

Anyone else notice anything?

-JP

------------------------------------------------------------------------
-
This list sponsored by: SPI Dynamics

ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
It's as simple as placing additional SQL commands into a

[ more ]  [ reply ]
RE: Anyone have a reason for 2x the email flow today? 2007-12-04
Maloney, Michael (MMaloney middlesexcc edu) (2 replies)
Re: Anyone have a reason for 2x the email flow today? 2007-12-05
Dude VanWinkle (dudevanwinkle gmail com)
Re: Anyone have a reason for 2x the email flow today? 2007-12-04
Kosala Atapattu (kosala atapattu gmail com)
CFP for HITBSecConf2008 - Dubai now open 2007-10-23
Praburaajan (prabu hackinthebox org)
The CFP for HITBSecConf2008 - Dubai is now open.

Our 2008 event is expected to attract over 300 attendees from around the
EMEA region and will see keynote speakers Bruce Schneier (Founder and
CTO, BT Counterpane) and Jeremiah Grossman (Founder and CTO, White Hat
Security). The event is supported an

[ more ]  [ reply ]
Interesting mail sender 2007-09-27
Szalay Attila (sasa pheniscidae tvnetwork hu) (3 replies)
In the recent days our firewall block some message which have a very
interesting mail from address.

The log message is looks like this:

Invalid SMTP command; request='MAIL', param='From:<aadorris@zfJah]+o*7 Z->'

May this be an exploit or just a wrongly setup in a spammer program?

-------

[ more ]  [ reply ]
Re: Interesting mail sender 2007-09-30
Valdis Kletnieks vt edu
Re: Interesting mail sender 2007-09-27
Tuc at T-B-O-H.NET (ml t-b-o-h net) (1 replies)
Re: Interesting mail sender 2007-09-29
daniel (danderson310 gmail com)
Re: Interesting mail sender 2007-09-28
merigoth gmail com
Source port 445,80 2007-09-05
Wong Yu Liang (wong yuliang vads com) (1 replies)


Hi all ,

Lately I've been getting a lot of awkward alerts with source port 445.
A few different source IP is connecting to one single IP
from the source port 445 , to random destination high ports. IPS is
detecting ANS.1 bit string overflow on all these alerts. Anyone
care to enlighten me abo

[ more ]  [ reply ]
Re: Source port 445,80 2007-09-05
Valdis Kletnieks vt edu (1 replies)
RE: Source port 445,80 2007-09-06
Wong Yu Liang (wong yuliang vads com) (2 replies)
Re: Source port 445,80 2007-09-07
scott (redhowlingwolves bellsouth net)
Re: Source port 445,80 2007-09-06
Valdis Kletnieks vt edu (1 replies)
RE: Source port 445,80 2007-09-07
Wong Yu Liang (wong yuliang vads com) (1 replies)
Re: Source port 445,80 2007-09-07
Valdis Kletnieks vt edu
Re: HTTP worm? 2007-08-30
bugtraq shadowstorm com
The incoming packets have a source port of 80 and a destination port ranging between 1000 and 2000. If you connect to port 80 on the IP sending the packets and issue the "HEAD" command you'll notice almost all of them will show the following;

lynx -head -dump http://81.52.202.217

HTTP/1.0 40

[ more ]  [ reply ]
HTTP worm? 2007-08-27
Steve Huston (huston astro princeton edu) (3 replies)
I don't have any details or traffic to show for it, but since Friday
I've seen an awful lot of complaints from my firewall about "port scans"
coming from remote hosts port 80 to 1-2 ports on machines in my
department. The first ones I noticed were coming from a web server on
campus but outside my c

[ more ]  [ reply ]
Re: HTTP worm? 2007-08-28
Joshua J. Talbot (jtalbot securityfocus com)
RE: HTTP worm? 2007-08-28
Geoff Martin (g martin grey com au)
RE: HTTP worm? 2007-08-27
Dario Ciccarone (dciccaro) (dciccaro cisco com)
Re: Phishing e-mail with hidden crap? 2007-08-20
stremovsky gmail com
Hi Nicolas,

I have seen similar emails in the past.

Currently I consider these numbers and words to be random text. IMHO, these text is different in each spam email sent. This could be used to outsmart some automatic anti-spam filters.

Best regards

Yuli

http://www.greensql.net/blog/yuli

[ more ]  [ reply ]
Re: 0day linux 2.6 /dev/mem rootkit found 2007-07-23
lists lhftools com
lib/libgdl.so matches on my box.. looks like it is part of Google Desktop for Linux. Did/Do you have it installed?

------------------------------------------------------------------------
-
This list sponsored by: SPI Dynamics

ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
It'

[ more ]  [ reply ]
0day linux 2.6 /dev/mem rootkit found 2007-07-11
James E. Jones (ceriofag yahoo com) (1 replies)
I found one interesting tool on my server, with the
name 'Boxer 0.99 BETA3'. It's protected by ELFuck
linux executables obfuscator. Google doesn't know
anything about it.
Now, it is available at http://surfall.net/rel.tar.gz
(ELFuck password: 'notdead')
Anybody seen it before?

____________

[ more ]  [ reply ]
Strange Cisco Router Logs 2007-07-20
Radi Tzvetkov (radit logisticare com) (1 replies)
RE: Strange Cisco Router Logs 2007-07-22
Dario Ciccarone (dciccaro) (dciccaro cisco com) (1 replies)
Phishing e-mail with hidden crap? 2007-08-17
Nicolas villatte (Nicolas Villatte chello be)
(Page 7 of 170)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus