The best way to see what is going on is to dump the traffic to a file and
analyse it. Tcpdump and ethereal are great tools for that purpose.
Ethereal will make the job easier and should give you a clue.
If you are affraid the server has been compromised you have to use another
computer to get
On torsdag 13. mai 2004, 19:32, Robert Jakubowski wrote:
The best way to see what is going on is to dump the traffic to a file
and analyse it. Tcpdump and ethereal are great tools for that
purpose.
Great! Reagan Blundell also told me about them offline.
Ethereal will make the job easier and
/ 2004-05-13 19:53:33 +0200
\ Kjetil Kjernsmo:
On torsdag 13. mai 2004, 19:32, Robert Jakubowski wrote:
The best way to see what is going on is to dump the traffic to a file
and analyse it. Tcpdump and ethereal are great tools for that
purpose.
Great! Reagan Blundell also told me about
On Thu, May 13, 2004 at 07:53:33PM +0200, Kjetil Kjernsmo wrote:
19:41:32.083993 217.77.34.162.2090 226.58.55.41.1434: udp 376 [ttl 1]
19:41:32.192344 217.77.34.162.2090 234.247.236.46.1434: udp 376 [ttl
1]
M, I don't know what machine 217.77.34.162 is, but I wouldn't be
surprised
On torsdag 13. mai 2004, 20:15, Lars Ellenberg wrote:
19:41:29.675637 217.77.34.162.2090 234.195.198.113.1434: udp 376
[ttl 1]
ok, chances are that 217.77.34.162 runs an unpatches MS-SQL server,
was infected, and now tries to compromise the world, and its own
subnet, where you happen to
On torsdag 13. mai 2004, 20:37, Gian Piero Carrubba wrote:
Il gio, 2004-05-13 alle 19:53, Kjetil Kjernsmo ha scritto:
[...]
19:41:32.083993 217.77.34.162.2090 226.58.55.41.1434: udp 376
[ttl 1] 19:41:32.192344 217.77.34.162.2090 234.247.236.46.1434:
udp 376 [ttl 1]
A switched lan,
* Kjetil Kjernsmo:
Oh, I see. But one thing I do not understand, it doesn't seem like this
traffic is directed at me, since it's not my address that's the
destination...? Are they routing their traffic through me or something?
It's some odd switch-router whose forwarding table is overflown
On torsdag 13. mai 2004, 22:10, Florian Weimer wrote:
* Kjetil Kjernsmo:
Oh, I see. But one thing I do not understand, it doesn't seem like
this traffic is directed at me, since it's not my address that's
the destination...? Are they routing their traffic through me or
something?
It's
An associate of yours has set you up on a romantic appointment with someone.
http://butidoloveyou.com
/web/?oc=53031103
The FREE dating web site
CREATED BY WOMEN
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all!
In turn to you with a bit of desperation now. It feels like I'm under
some kind of attack. Maybe I've even been compromised. The last few
days, I've experienced an insane and constant amount of incoming
traffic. I'm not sure how long it
The best way to see what is going on is to dump the traffic to a file and
analyse it. Tcpdump and ethereal are great tools for that purpose.
Ethereal will make the job easier and should give you a clue.
If you are affraid the server has been compromised you have to use another
computer to get
Kjetil Kjernsmo wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all!
In turn to you with a bit of desperation now. It feels like I'm under
some kind of attack. Maybe I've even been compromised. The last few
days, I've experienced an insane and constant amount of incoming
traffic.
On torsdag 13. mai 2004, 19:32, Robert Jakubowski wrote:
The best way to see what is going on is to dump the traffic to a file
and analyse it. Tcpdump and ethereal are great tools for that
purpose.
Great! Reagan Blundell also told me about them offline.
Ethereal will make the job easier and
/ 2004-05-13 19:53:33 +0200
\ Kjetil Kjernsmo:
On torsdag 13. mai 2004, 19:32, Robert Jakubowski wrote:
The best way to see what is going on is to dump the traffic to a file
and analyse it. Tcpdump and ethereal are great tools for that
purpose.
Great! Reagan Blundell also told me about
On Thu, May 13, 2004 at 07:53:33PM +0200, Kjetil Kjernsmo wrote:
19:41:32.083993 217.77.34.162.2090 226.58.55.41.1434: udp 376 [ttl 1]
19:41:32.192344 217.77.34.162.2090 234.247.236.46.1434: udp 376 [ttl
1]
M, I don't know what machine 217.77.34.162 is, but I wouldn't be
surprised
On torsdag 13. mai 2004, 20:15, Lars Ellenberg wrote:
19:41:29.675637 217.77.34.162.2090 234.195.198.113.1434: udp 376
[ttl 1]
ok, chances are that 217.77.34.162 runs an unpatches MS-SQL server,
was infected, and now tries to compromise the world, and its own
subnet, where you happen to
Il gio, 2004-05-13 alle 19:53, Kjetil Kjernsmo ha scritto:
[...]
19:41:32.083993 217.77.34.162.2090 226.58.55.41.1434: udp 376 [ttl 1]
19:41:32.192344 217.77.34.162.2090 234.247.236.46.1434: udp 376 [ttl
1]
A switched lan, I see ;)
It can be slammer [1] (if so, I guess why the ISP tech
On torsdag 13. mai 2004, 20:37, Gian Piero Carrubba wrote:
Il gio, 2004-05-13 alle 19:53, Kjetil Kjernsmo ha scritto:
[...]
19:41:32.083993 217.77.34.162.2090 226.58.55.41.1434: udp 376
[ttl 1] 19:41:32.192344 217.77.34.162.2090 234.247.236.46.1434:
udp 376 [ttl 1]
A switched lan,
* Kjetil Kjernsmo:
Oh, I see. But one thing I do not understand, it doesn't seem like this
traffic is directed at me, since it's not my address that's the
destination...? Are they routing their traffic through me or something?
It's some odd switch-router whose forwarding table is overflown
On torsdag 13. mai 2004, 22:10, Florian Weimer wrote:
* Kjetil Kjernsmo:
Oh, I see. But one thing I do not understand, it doesn't seem like
this traffic is directed at me, since it's not my address that's
the destination...? Are they routing their traffic through me or
something?
It's
An associate of yours has set you up on a romantic appointment with someone.
http://butidoloveyou.com
/web/?oc=53031103
The FREE dating web site
CREATED BY WOMEN
21 matches
Mail list logo