According to Dr A V Le Blanc: > On Thu, 6 Jun 2002 at 14:32:31 +0200 (MEST), > Wolfgang Friebel <[EMAIL PROTECTED]> wrote: > > CERN and other institutes are currently attacked from > > 130.237.48.109 (sul.e.kth.se) > > By scanning port 7001 and sending malicious packets the attacker > > was able to crash AFS servers. > > Reports have shown that at least Solaris 5.6 and 5.7 machines and AIX > > 4.3.3 machines are affected, but probably that are not the only platforms. > > We had all three of our AFS fileservers crash; these are Silicon > Graphics machines running IRIX 6.5 and using OpenAFS 1.2.3 (and > now running OpenAFS 1.2.4). The IP address mentioned does not > appear in any logs, but it may have escaped logging.
The IP address 130.237.48.109 was logged here by one of our AFS clients and I asked [EMAIL PROTECTED] what this was about, here is their answer: According to KTH-IRT: | This host is running afscrawler. The result from this scanning will be | presented here: http://www.usenix.org/events/usenix02/activities.html +gg -- [EMAIL PROTECTED] Fax: +43/1/31336/702 [EMAIL PROTECTED] Zentrum fuer Informatikdienste, Wirtschaftsuniversitaet Wien, Austria _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
