[93181] in North American Network Operators' Group
Re: Sagonet - Failing miserably with network security Someone needs
daemon@ATHENA.MIT.EDU (Stephen Satchell)
Sun Oct 29 16:42:55 2006
Date: Sun, 29 Oct 2006 13:41:56 -0800
From: Stephen Satchell <list@satchell.net>
To: chris_jester@suavemente.net
Cc: nanog@nanog.org
In-Reply-To: <53493.72.199.242.75.1162150127.squirrel@support.splitinfinity.com>
Errors-To: owner-nanog@merit.edu
Chris Jester wrote:
> 65.110.62.120
>
> Sagonet,
>
> We have a serious hacker here who is ACTIVLY engaged in logins
> on our network (have him in a honeypot at the moment). He is running
> exploits from your network and
> also I have been hearing from others that you have been notified of this
> a few times yet have done nothing about it. Can we get someone to handle
> this immediately please?
Thank you for the report. I've added 65.110.62.120 in our perimeter
firewalls, on the off chance that the guy has broken into one or more
servers at American Internet (Reno). If he (she) did, it may explain
some traffic anomolies we've been seeing this past week.
