[H-GEN] Buffer Overflow attack
Robert Brockway
robert at blake.humbug.org.au
Tue Sep 7 09:35:04 EDT 1999
[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related topics. ]
Hi all. At approximately 1:43am EST 7/9/99 blake.humbug.org.au (my
router) was attacked by a machine coming from interlog.com. After
sending this email I will email their hostmaster.
The attack took the form of a buffer overflow attack on mountd from the IP
207.34.209.91 (a dialup box I believe as Interlog is an isp). Blake
blocked the attack and I've investigated the incident and it appears their
attack was completely unsuccessful. Soon after the buffer overflow attack
connection attempts were made to the sunrpc port and port 10752.
I think other club members should check their logs to look for similar
attacks as on a few previous occassions we have found several clubs
machines have been attacked by the same person at around the same time.
All's well that ends well :)
Cheers,
-Robert
--Robert Brockway B.Sc. Email: robert at blake.humbug.org.au
robert.brockway at uq.net.au
WWW: http://www.oc.humbug.org.au/~robert
.sig now invisible for your convenience.
--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.
More information about the General
mailing list