lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: nion at gmx.net (Nico Golde)
Subject: the bot 200.106.25.197

Hallo Marc,

* Marc Chabot <marcchabot@...cchabot.com> [2004-04-15 16:49]:
> Can anyone here identify what bot this is?
> I keep getting viruses comming from 200.106.25.197 and
> it's open to telnet on port 23 asking for a password.

the ip could be an dynamic ip and 23 is the default telnet port.
it can be difficult to figure it out ;-)
regards nico

-- 
Nico Golde                | nico@...lde.de      | 310777820@ICQ | nion@....net
http://www.ngolde.de      | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg
Fingerprint               | FF46 E565 5CC1 E2E5 3F69  C739 1D87 E549 7364 7CFF 
vim -c   ":%s/^/WhfgTNabgureRIvzSUnpxreT-Tavba/|:%s/[R-T]/ /Ig|:normal ggVGg?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040415/e405ed62/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ