lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <BAY7-DAV13mt3rVvkms0001615b@hotmail.com>
From: helmut_hauser at hotmail.com (Helmut Hauser)
Subject: Massive Attacks from mistral.cz

Hi List, we got massive attacks from several mistral.cz hosts.
Attacks were blocked but interesting thing is the port-range between
1000-2000.
Any new trojan/worm out ?

Number:       63791
Date:             22Dec2003
Time:            15:48:14
Type:            Log
Service:        1740
Source:         r2aa191.mistral.cz (62.245.90.191)
Protocol:       tcp
Source Port: 2732
Information:  TCP packet out of state: First packet isn't SYN
                     tcp_flags: RST-ACK

Number:       63801
Date:             22Dec2003
Time:            15:49:09
Type:            Log
Service:        1752
Source:         h240.brno.mistral.cz (62.245.103.240)
Protocol:       tcp
Source Port: 2680
Information:  TCP packet out of state: First packet isn't SYN
                     tcp_flags: RST-ACK

Number:       75161
Date:             23Dec2003
Time:            16:52:22
Type:            Log
Action:          Drop
Service:        1841
Source:         r2d216.mistral.cz (62.245.67.216)
Protocol:       tcp
Source Port: Remote_Storm (1025)
Information:  TCP packet out of state: First packet isn't SYN
                     tcp_flags: RST-ACK

Merry X-Mass

Helmut Hauser
Systemadministration EDV

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ