[idnic] (Fwd) Re: Fwd: Port Scanning - server2.client.org 06/27/00:11.

[budi]

Karena milis APJII-Tech belum jalan, maka saya teruskan ke
milis IDNIC supaya ada yang lebih care.

-- budi

------- Forwarded message follows -------
To:                     Budi Rahardjo <[EMAIL PROTECTED]>
From:                   Widya Latief <[EMAIL PROTECTED]>
Subject:                Re: Fwd: Port Scanning - server2.client.org 06/27/00:11.01
        ACTIVE SYSTEM ATTACK!

Dengan Hormat,

Sampai hari ini masih belum ada tanggapan dari pihak sat.net.id
percobaan attack masih berlangsung ..

Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jun 29 23:38:30 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:38:30 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring
Jun 29 23:38:47 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:38:47 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring
Jun 29 23:40:12 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:40:12 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring


Security Violations
=-=-=-=-=-=-=-=-=-=
Jun 29 23:38:30 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:38:30 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring
Jun 29 23:38:47 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:38:47 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring
Jun 29 23:40:12 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 29 23:40:12 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring




Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jun 30 06:01:32 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 30 06:01:32 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring


Security Violations
=-=-=-=-=-=-=-=-=-=
Jun 30 06:01:32 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 30 06:01:32 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring
Jun 30 06:59:00 server2 talkd[31897]: recvfrom: Connection refused
Jun 30 06:02:07 server2 in.ftpd[15157]: refused connect from 202.149.79.77


Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jun 30 09:48:39 server2 portsentry[644]: attackalert: Connect from host: 
202.149.79.77/202.149.79.77 to TCP port: 2000
Jun 30 09:48:40 server2 portsentry[644]: attackalert: Host: 202.149.79.77 is already 
blocked. Ignoring

berikut dibawah (salah satu penjelasan dari member kami yang termasuk pengguna ip 
diatas)



X-Persona: <[EMAIL PROTECTED]> 
Return-Path: <[EMAIL PROTECTED]> 
Delivered-To: [EMAIL PROTECTED] 
X-Rcpt-To: [EMAIL PROTECTED] 
Received: (qmail 4273 invoked from network); 30 Jun 2000 13:28:50 -0000 
Received: from web906.mail.yahoo.com (128.11.23.81) 
by merpati.indoglobal.com with SMTP; 30 Jun 2000 13:28:50 -0000 
Received: (qmail 19777 invoked by uid 60001); 30 Jun 2000 13:28:48 -0000 
Message-ID: <[EMAIL PROTECTED]> 
Received: from [202.149.79.77] by web906.mail.yahoo.com; Fri, 30 Jun 2000 06:28:48 PDT 
Date: Fri, 30 Jun 2000 06:28:48 -0700 (PDT) 
From: asdi dera <[EMAIL PROTECTED]> 
Subject: Terima Kasih 
To: Widya Latief <[EMAIL PROTECTED]> 
MIME-Version: 1.0 
Content-Type: text/plain; charset=iso-8859-1 
Content-Transfer-Encoding: 8bit 

Terima Kasih atas tanggapan yang cepat dari 
pihak indoglobal :)
Saya akan coba membantu anda.. 
ISP Satnet di Yogya memberikan 1 buah ip static untuk 
satu account dialup maupun unlimited dialup (baik 
melalui line telpon atau wave lan )
untuk yang line telpon 1 nomor dial sepertinya 
digunakan untuk 8 ip static ( dan ada beberapa line 
telpon disana )
untuk yang wave lan saya tidak tahu bagaimana, karena 
sepertinya HUB berfungsi sbg router dan tidak pakai 
jalur telpon


Terima kasih
Dendy
------- End of forwarded message -------
--
STOP-LANGGANAN: 'unsubscribe' ke: [EMAIL PROTECTED]
START-LANGGANAN:  'subscribe' ke: [EMAIL PROTECTED]