Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Strange FTP logs

from [Andrew Smith] Network Security [Permanent Link]
Subject: Re: Strange FTP logs
Date: Mon, 1 Nov 2004 16:20:41 +0000 
I have no idea how they got your password, if they did. As you said
sniffing is a possibility.
But the creating of test files (cw.txt) and trying to change to
directory .tmp would make me think that perhaps it was being used to
store pirated material, or being tested to see if it could be used.
The range of IP's connecting would make me think that perhaps the
logins to your FTP had been posted on some forum or given out in some
IRC channel.

The directory " ./.tmp. / /" looks like a standard directory used by
"pubbers" to lock directories on anonymous FTPs. Is your FTP open to
anonymous logins?
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Strange FTP logs, Rob klein Gunnewiek
Next by Date:  RE: Strange FTP logs, Jobe Bittman
Previous by Thread:  Strange FTP logs, Rob klein Gunnewiek
Next by Thread:  Re: Strange FTP logs, xyberpix
Indexes:  [Date] [Thread] [Top] [All Lists]