[Tfug] Repeated breakin attempts
Steve Davis
tfug@tfug.org
Mon Dec 23 03:17:01 2002
um. that'd block out about 6 million users - including me. If you sync your clocks up to an NTP server, and send me logs (please only the relevant parts!), I may be able to help you all
out. I work for Deutsche Telekom, and the domain dip.t-dialin.net belongs to T-Online (DT's ISP). I'll forward them to the abuse dept.
On Sun, 22 Dec 2002 17:36:26 -0500, Scott Fuller wrote:
>I've seen these come across in logs every now and the. I just ended up
>blocking the whole subnet.
>
>--Scott
>
>
>erich wrote:
>
>>
>> Has anybody seen this party making intrusion attempts into their
>> system?
>> My gateway is dynamic and temporary everytime I dial up, but their
>> script is
>> very busy and finds it nonetheless.
>>
>> Dec 17 09:23:43 cbl proftpd[3494]: cbl.fgi.com
>> (pD9520464.dip.t-dialin.net[217.82.4.100]) - USER anonymous
>>
>> Dec 18 16:17:22 cbl proftpd[4180]: cbl.fgi.com
>> (p5088F25B.dip.t-dialin.net[80.136.242.91]) - USER anonymous
>>
>>
>> My system rejects this because there is no anonymous ftp service
>> here. I
>> look thru my message logs regularly, and have seen numerus attempts in
>> the past by this party. I think it originates in the US, but on one
>> occasion I have seen a .de intrusion attempt.
>>
>> Cheers,
>> Erich
>>
>>
>>
>> _______________________________________________
>> tfug mailing list
>> tfug@tfug.org
>> http://www.tfug.org/mailman/listinfo/tfug
>
>
>
>_______________________________________________
>tfug mailing list
>tfug@tfug.org
>http://www.tfug.org/mailman/listinfo/tfug
>
Steve Davis
muaddib@arrakis.franken.de
-- If you don't know what it is, call it a system.