rr.com is a cable ISP (Road Runner), so its much more likely that it is a static (or only mildly dynamic) IP address. D At 12:05 PM 9/17/99 -0500, scott wrote:
There are alot of possibilites here. The cracker could have 1) broken into the isp and stolen an account 2) broken into a dial up user's box and attacked from there 3) stolen a dial up users password. In any case the ISP needs to know about it, and should be able to figgure out what happend, if they are clever.
scott
----- Original Message ----- From: Peter Münster
To: Cc: Sent: Friday, September 17, 1999 6:44 AM Subject: Re: [suse-security] telnet and su attack on my linux On Fri, 17 Sep 1999 gbruchhaus@makrolog.de wrote:
Ya, I did it, but rr.com seems to be a big provider in US, so the cracker could hide his attack in the dynamic IP-Adress
Normally it should be possible for a provider to identify his client by IP-adress, date and time. Peter
--
******************************************* URL: http://gmv.spm.univ-rennes1.fr/~peter/ *******************************************
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com