| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Mar 14 22:43:26 2006 From: merchantmatrix at gmail.com (MerchantMatrix.Net) Subject: Massive Attacks from mistral.cz Hello, I'm sorry to bother you. I'm just curious. I was surfing and hit a familiar tide pool.... I say familiar, because I'm on the mistral.cz network in Czech Republic, My ISP is the www.mistral.cz or chello.upc.cz they are about the only real gig in this town or state rather when it comes to Internet. all the other ISPs are in a un-orthodox priced un-orthodox expensive. :-/ Just for good PR sake and info its UPC Cable / TV / Internet. Prague - Brno ....that's why the article published and I copied down there below caught my eye... well, that, and the words "Massive Attacks". If anyone be so kind to elaborate a minute or two on the subject,... *"RE:Massive Attacks from mistral.cz [Full-Disclosure]".* I'm just a curious individual in CZ - and now a web host / reseller. I'm originally from CA. / NV USA area. Please reply if your time permits.Thanks in advance. Respectfully, XE ======================================== [Full-Disclosure] Massive Attacks from mistral.cz [Full-Disclosure] Massive Attacks from mistral.cz *Helmut Hauser* helmut_hauser at hotmail.com <full-disclosure%40lists.grok.org.uk?Subject=%5BFull-Disclosure%5D%20Massive%20Attacks%20from%20mistral.cz&In-Reply-To=> *Tue Dec 23 16:08:37 GMT 2003* - Previous message: [Full-Disclosure] Removing ShKit Root Kit <http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/015013.html> - Next message: [Full-Disclosure] Long intevals on phase I rekey on VPN <http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/015014.html> - *Messages sorted by:* [ date ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/date.html#15008> [ thread ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/thread.html#15008> [ subject ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/subject.html#15008> [ author ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/author.html#15008> ------------------------------ Hi List, we got massive attacks from several mistral.cz hosts. Attacks were blocked but interesting thing is the port-range between 1000-2000. Any new trojan/worm out ? Number: 63791 Date: 22Dec2003 Time: 15:48:14 Type: Log Service: 1740 Source: r2aa191.mistral.cz (62.245.90.191) Protocol: tcp Source Port: 2732 Information: TCP packet out of state: First packet isn't SYN tcp_flags: RST-ACK Number: 63801 Date: 22Dec2003 Time: 15:49:09 Type: Log Service: 1752 Source: h240.brno.mistral.cz (62.245.103.240) Protocol: tcp Source Port: 2680 Information: TCP packet out of state: First packet isn't SYN tcp_flags: RST-ACK Number: 75161 Date: 23Dec2003 Time: 16:52:22 Type: Log Action: Drop Service: 1841 Source: r2d216.mistral.cz (62.245.67.216) Protocol: tcp Source Port: Remote_Storm (1025) Information: TCP packet out of state: First packet isn't SYN tcp_flags: RST-ACK Merry X-Mass Helmut Hauser Systemadministration EDV ------------------------------ - Previous message: [Full-Disclosure] Removing ShKit Root Kit <http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/015013.html> - Next message: [Full-Disclosure] Long intevals on phase I rekey on VPN <http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/015014.html> - *Messages sorted by:* [ date ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/date.html#15008> [ thread ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/thread.html#15008> [ subject ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/subject.html#15008> [ author ]<http://lists.grok.org.uk/pipermail/full-disclosure/2003-December/author.html#15008> ------------------------------ Full-Disclosure <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>is hosted and sponsored by Secunia <http://secunia.com/>. -- Webmaster@...chantMatrix.Net -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060314/33809cba/attachment.html
Powered by blists - more mailing lists