|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] A dumb question
From: Twenty SF (twentysf
gmail.com)
Date: Mon Sep 25 2006 - 08:38:33 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
It could be any number of ways, but if it's a targeted attack they may
have just pulled the info from WHOIS (I'm assuming your account name
is "rtfraily" from your web server and then did an ARIN lookup (or
possibly just scanned other IP's around the same range as your web
server).
The server also might have an account enumeration vulnerability, it
really could be many things.
On 9/25/06, Robert Frailey <rfraileyutahmed.com> wrote:
> The hackers nightly hit my microsoft windows 2003 servers. In the sercurity
> log i see an entry for anonymous then half a dozen failed login attempts.
> What bothers me is they've been trying my login name and my web masters
> login name for that perticular server. All have been unsuccessful but how
> did they get the login names.
>
> Rob
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]