Security Incidents mailing list archives
Re: Hybris Worm
From: PRESSO-CERT <cert () PRESSO NET>
Date: Sun, 4 Feb 2001 18:54:09 +0100
On Sun, 4 Feb 2001 12:05:16 -0500, accidentally sitting over the keyboard, gabriel rosenkoetter <gr () ECLIPSED NET> produced the following string:
Received: from hacker (ppp-171-74.30-151.libero.it [151.30.74.171])[...] The validity of that IP address is also questionable, but it might be worth getting in touch with the good folks at libero.it and seeing who was connected to that slot on their dial-up box at that time. (It's almost definitely a stolen account, of course.)
libero.it is an Italian ISP which give away free internet access, so it's trivial for a lamer to get an account. Anyway they keep track of CID and do not allow connections from customer who disable trasmission of Caller ID. But, according with the italian law, they cannot give away theese infos unless requested by a judge. -- Gian Luca Matteucci (GLM64-RIPE) ---------- ------------- PreSSo@net - Servizio tecnico WebAgency - Technology partner Web: http://www.presso.net/ Web: http://www.webagency.as/ email: staff () presso net GSM: +39 329 6878 213 ---------- --------------
Current thread:
- Hybris Worm Gilbert Alaverdian (Feb 03)
- Re: Hybris Worm Brett Glass (Feb 04)
- Re: Hybris Worm gabriel rosenkoetter (Feb 04)
- Re: Hybris Worm PRESSO-CERT (Feb 04)