On Tue, Sep 11, 2001 at 09:06:34PM +0800 or thereabouts, Gideon N. Guillen wrote:
> Fritz Mesedilla wrote:
>
> > Our junior sysad was able to trace this to a Drivenet company. Local siya.
> > Mukhang naka-pre-paid card yung mokong.
> >
> > Anyway, sana mabigyan niyo ako ng tracing program. Something that can give
> > me an idea who is trying to enter our servers.
>
> Kung prepaid account yan malabong ma-trace yan, lalo na kung wala pa siyang
> POP3 email doon sa ISP niya. Pero prepaid nabiktima ng Code Red... maliit
> lang ang chance na ma-infect 'yon dahil hindi naman 'yon laging on-line e.
can't help but i have to point out. you have fallen into the trap most
dial-up users have. just because you're not online 24x7 doesn't mean
you can't be r00t3d. i saw a report in cyberspace about this i just
can't find now where the heck i placed it.
in short, all those users on the list who are on dial-up install a
personal firewall. for winbloze there is that freeware for personal use
(dang this memory failing when you need it) and
ipchains/iptables/ipfilter for linux siempre.
> Maaring sira-ulo script kidde ang loko na nagbabaka-sakaling naka-IIS kayo
> na wala pang patch. Siguro ang magandang gawin diyan ay makipag-coordinate
> na lang kayo doon sa ISP ng nandiyan sa ISP na 'yan at kung may Caller-ID
> logging sila at maima-match natin yung IP address sa logged na caller ID sa
> ekasktong oras na naka lagay diyan sa logs niyo ay maaring mahuli 'yan kung
> isang script kiddie nga 'yan.
>
--
"In is out and out is in. But out is out and in is in."
-- Pumbaa
PGP signature
