At 12:21 PM 12/20/2001 -0800, Dave wrote: >Thanks for the reply - and I saw a similar post almost the same time as mine >with a reply, didn't mean to post the same question twice :) In my case, >61.175.130.201 is most certainly NOT a customer as Output from ARIN WHOIS >returns: Asia Pacific Network Information Center??? Is it still harmless?
FWIW, I have been seeing a lot of scans from that part of the world lately and have actually black-holed an entire class-B from over there because of the malicious traffic. I know of two systems hacked from similar addresses as well, so it's worth keeping an eye on. Note that the ones I'm seeing are from ISP dialup accounts so I doubt there is some kind of distributed DoS/scan happening here, probably just increased attacks in general from all the US-oriented media coverage. - Ralph _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
