Security Incidents mailing list archives
Re: Scans for telnetd on DNS servers.
From: "Alex" <incidents () alex gotdns org>
Date: Thu, 9 Mar 2006 20:01:13 -0600 (CST)
I wonder... Could this be a SSH scan by some stupid script kiddie that mistook the telnet port# for that of SSH? -Alex
I observed a sudden increase of 23/tcp probes on Feb 28 at 16:00 GMT (from more or less zero to approx. 1500 probes per hour). It lasted for 10 hours, then it stopped almost quickly as it started. It was neither a focused probing of a certain kind of devices, nor any systematic sweep -- various IP addresses (including broadcast and other reserved addresses) in our network were hit in a seemingly random manner. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- Scans for telnetd on DNS servers. Jay D. Dyson (Mar 04)
- Re: Scans for telnetd on DNS servers. Raistlin Majere (Mar 06)
- Re: Scans for telnetd on DNS servers. Pavel Kankovsky (Mar 09)
- Re: Scans for telnetd on DNS servers. Alex (Mar 09)
- Re: Scans for telnetd on DNS servers. Pavel Kankovsky (Mar 13)
- Re: Scans for telnetd on DNS servers. jim barchuk (Mar 14)
- Re: Scans for telnetd on DNS servers. Alex (Mar 09)
- <Possible follow-ups>
- Re: Re: Scans for telnetd on DNS servers. kmuskrat (Mar 13)