[2563] in WWW Security List Archive
Re: Possible FTP-attack
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?J=FCri_Kaljundi?=)
Wed Aug 7 06:29:54 1996
Date: Wed, 7 Aug 1996 10:41:32 +0300 (EET DST)
From: =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@stallion.ee>
To: anders.sandell@sakdata.se
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <199608061209.OAA16635@mail.swip.net>
Errors-To: owner-www-security@ns2.rutgers.edu
Tue, 6 Aug 1996 anders.sandell@sakdata.se wrote:
> During the last 3 hours a user at power.bcs.ee has once every two seconds=
=20
> tried to access my FTP-server with the username "hertz" and no password.=
=20
> Since we dont have a user "hertz" every attempt is rejected. The rejectio=
ns=20
> show up in the security log and is filling it quickly though.
FYI power.bcs.ee aka power.netexpress.ee is a unix server with accounts
for dial-in customers of BCS/Netexpress, a small Internet access provider
in Estonia. It is probably some of their dial-in customers that probably
has something configured wrong.
J=FCri Kaljundi
AS Stallion
jk@stallion.ee
