his email domain is cc.uk.com. which i can ping and see the IP 193.122.20.2.
so i could do a port scan in that range and see any machine running port 80.
so can you explain to us all what he revealed that wouldn't take more than 1
or 2 minutes for anyone to figure out?
-----Original Message-----
From: Stephen Moretti [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 02, 2001 8:05 AM
To: CF-Talk
Subject: RE: default.ida?
Might be an idea to go away and change the IP addresses on your servers now
and abandon these two for all eternity....
Never put this kind of information out on the list. You are openning
yourself up to abuse by the few unscrupulous people on this list...
Stephen
> -----Original Message-----
> From: Edward Chanter [mailto:[EMAIL PROTECTED]]
> Sent: 02 August 2001 15:50
> To: CF-Talk
> Subject: RE: default.ida?
>
>
> 193.122.20.5 - Production
> 193.122.20.8 - Development
>
> Why?
>
>
>
> > -----Original Message-----
> > From: Tangorre, Mike [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, August 02, 2001 3:34 PM
> > To: CF-Talk
> > Subject: RE: default.ida?
> >
> >
> > whats yur ip? :-)
> >
> >
> > Michael T. Tangorre
> > --------------------------------------------
> > Web Applications Developer
> > Office Phone: 703-558-4746
> > Cellular Phone: 607-426-9277
> > AIM: CrazyFlash4
> > Personal Email: [EMAIL PROTECTED]
> > Work Email: [EMAIL PROTECTED]
> > School Email: [EMAIL PROTECTED]
> > --------------------------------------------
> > This Email contains MillenniuM Information
> > Systems, LLC Privileged Information which
> > is Customer or Business Sensitive.
> > --------------------------------------------
> >
> >
> > -----Original Message-----
> > From: Edward Chanter [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, August 02, 2001 10:32 AM
> > To: CF-Talk
> > Subject: RE: default.ida?
> >
> >
> > > -----Original Message-----
> > > > I don't actually think it's hysteria mate, do you want to see
> > > > a copy of my
> > > > IDS logs????
> > >
> > > Not really, no. They tend to be boring and full of kidz getting 404's.
> >
> > :-) I did say IDS logs though, they filter out all the crap and
> > only show me
> > the ISAPI Extension Overflow errors.....
> >
> > > > There are a large number of attacks going on as
> > > > I write this
> > >
> > > Woo-wee - where have you been ? An ongoing scan of your system is
> > > a *FACT OF
> > > LIFE* for a system on the internet.
> > > My dial-up gateway at home gets scanned !
> >
> > Tell me about it, then again, my server very rarely blocks
> anyone, so far
> > today it's implemented over 300 24 bans on various IP addresses
> > in the last
> > 12 hours..... That is unusual.....
> >
> > > > and anyone running an unpatched/unprotected IIS server needs
> > > > to do something
> > > > about it asap.
> > >
> > > No, anyone running an unpatched/unprotected IIS server on a
> > public network
> > > needs to fired, as their not doing their job. The patch was all
> > > over BugTraq
> > > et al. well before Code Red was released.
> >
> > Agreed!
> >
> > > But, if you look at the domains from which these scans originate,
> > > most have
> > > no reverse look-up, or are from ISP's like @home <shrug> and
> > > those are just
> > > the people who wont care, because Code Red version 2 is non
> > destructive to
> > > the local machine.
> >
> > Lot's of Chinese, Japanese, Koreans, Mexicans and a few US and
> EU academic
> > one's as well...... There are even some coming in as 0.0.0.0
> >
> > I have had a few responses from some of the ones I thought would take
> > action, some very sheepish IISadmins out there :-)
> >
> > We're averaging a new attempt every minute or so....
> >
> > -= Ed
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
