Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] ftp login tries with private IP
  • From: semat <semat@xxxxxxxxxxxxxxx>
  • Date: Wed, 13 Dec 2000 17:43:00 +0300 (EAT)
  • Message-id: <Pine.LNX.4.21.0012131741400.25998-100000@xxxxxxxxxxxxxxxx>
It could also be that you had a machine on your network that was running
in promiscuous mode and was thus giving out info on your local
network. Check and see if you're running any network management daemons
like ntop etc.

On Thu, 7 Dec 2000, webmaster wrote:

> Dear List,
> Is it possible to trace back an intruder who tried to compromise as
> "webmaster" as if coming from an existing private intranet IP?
> I was working exactly on that intranet machine whose private IP appeared in
> logs, and I was using Powerpoint and nothing else was running in the time
> being logged.
> Attempted failed however since in.ftpd is not running. But his knowing the
> IP of intranet machine may indicate some sniffing, may it not.
>
> /-------------------------/
> Antal Leisen
> webmaster@xxxxxxxxx
> Kreorg Educational Center
> Budapest, Hungary
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>


< Previous Next >
References