Dailydave mailing list archives
Re: A dumb question
From: "Twenty SF" <twentysf () gmail com>
Date: Mon, 25 Sep 2006 09:38:33 -0400
It could be any number of ways, but if it's a targeted attack they may have just pulled the info from WHOIS (I'm assuming your account name is "rtfraily" from your web server and then did an ARIN lookup (or possibly just scanned other IP's around the same range as your web server). The server also might have an account enumeration vulnerability, it really could be many things. On 9/25/06, Robert Frailey <rfrailey () utahmed com> wrote:
The hackers nightly hit my microsoft windows 2003 servers. In the sercurity log i see an entry for anonymous then half a dozen failed login attempts. What bothers me is they've been trying my login name and my web masters login name for that perticular server. All have been unsuccessful but how did they get the login names. Rob _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Now that we've all had time for a good long browse, ... Dave Korn (Sep 23)
- A dumb question Robert Frailey (Sep 25)
- Re: A dumb question Josiah Wilkinson (Sep 25)
- Re: A dumb question Paul Asadoorian (Sep 25)
- Re: A dumb question Twenty SF (Sep 25)
- Re: A dumb question Josiah Wilkinson (Sep 25)
- A dumb question Robert Frailey (Sep 25)