|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: CIAC Bulletin K-020
From: Donald McLachlan (don
MAINFRAME.DGRC.CRC.CA)Date: Mon Mar 06 2000 - 08:30:17 CST
- Next message: Filip M. Gieszczykiewicz: "Re: Cracked; rootkit - entrapment question?"
- Previous message: Stuart Staniford-Chen: "Re: auto-reporting to ISPs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Is there a new vector of attack here? I run a closed mailing list.
Since subscribing a particular (and suspicious looking remote) address
has sent 2 messages to the list. Both got logged like:
Mar 04 09:51:36 **************** majordomo[14644]
{***** *** <**************yahoo.com>}
ABORT HOSTILE ADDRESS (path exists to /file) /
Looks awfully suspicious to me. Only problem I know with majordomo
if is the CIAC K-020 bulletin but that is a local address raise priority
attack.
Don
- Next message: Filip M. Gieszczykiewicz: "Re: Cracked; rootkit - entrapment question?"
- Previous message: Stuart Staniford-Chen: "Re: auto-reporting to ISPs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]