Article

2003-09-27

Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.

Posted by Fred Pruitt 2003-09-27 10:57|| || Front Page|| [4 views since 2007-05-07] Top

#1 Fred,you think,maybe,it might be steveboy?

Posted by Raptor 2003-9-27 11:05:33 AM|| 2003-9-27 11:05:33 AM|| Front Page Top

#2 Somebody doesn't like Rantburg. We get hit at least once a week, usually on Friday nights.

Posted by Fred 2003-9-27 11:18:28 AM|| 2003-9-27 11:18:28 AM|| Front Page Top

#3 not stevey...he hasn't mastered the use of capital letters yet

Posted by Frank G 2003-9-27 11:45:37 AM|| 2003-9-27 11:45:37 AM|| Front Page Top

#4 Friday nights? Someone all worked up after services, maybe?

Or just some drunken college loser?

Posted by Robert Crawford 2003-9-27 11:50:07 AM|| [http://www.kloognome.com/] 2003-9-27 11:50:07 AM|| Front Page Top

#5 Sorry to learn of your tribulations, Fred.
Two questions:
Did this start before or after September 11?
Do you have any buddies at the FBI?
If you could arrange for this villains arrest, we could have a lot to rant about.

Posted by Gasse Katze 2003-9-27 12:33:55 PM|| 2003-9-27 12:33:55 PM|| Front Page Top

#6 We just got our own server in May. Within a week we had company. I've been tightening security bit by bit ever since - I'm not a network guy, so much of it's been learned on the fly.

One time actually connected while the guy was logged in. He was scanning IP addresses in Central Europe. A couple other times I kicked gamers out. This time there were six instances of Perl running, and I don't use Perl. I ran a virus scan, though, and couldn't find anything, so I shut Perl down.

Posted by Fred 2003-9-27 2:18:06 PM|| 2003-9-27 2:18:06 PM|| Front Page Top

#7 Sound like a job for LIDS, Fred.

Posted by mojo 2003-9-27 5:27:40 PM|| 2003-9-27 5:27:40 PM|| Front Page Top

#8 Oops... Never mind. Try eEye's SecureIIS instead.
http://www.eeye.com/html/Products/SecureIIS/index.html

Posted by mojo 2003-9-27 5:30:29 PM|| 2003-9-27 5:30:29 PM|| Front Page Top

#9 One technique for learning is to install a sniffer (protocol analyzer). Configure it to ignore all legitimate Rantburg traffic, and see what other traffic you're getting.
It will tell you what attacks you're getting (complete with the details of the attack packets) and the source IP address.

Posted by Dishman 2003-9-27 6:25:51 PM|| 2003-9-27 6:25:51 PM|| Front Page Top

#10 You find him, Fred, and I'll bring the thumb screws and the knuckle-busters.

Posted by Old Patriot 2003-9-27 10:57:23 PM|| [http://users.codenet.net/mweather/default.htm] 2003-9-27 10:57:23 PM|| Front Page Top

10:39 Mansoor Usman Awan
03:13 R. McLeod
23:15 Old Patriot
23:10 Old Patriot
22:57 Old Patriot
22:51 Steve White
22:13 Stephen
22:03 Frank G
21:37 Swiggles
20:29 Alaska Paul
20:17 Frank G
19:58 Hyper
19:50 Ptah
19:49 Shipman
19:40 Whiskey Mike
19:29 Frank G
19:19 mojo
19:17 mojo
18:49 Kalroy
18:39 Frank G
18:38 Frank G
18:36 Shipman
18:33 Shipman
18:26 Shipman