|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: ingreslock message
From: H D Moore (hdm
SECUREAUSTIN.COM)Date: Tue Mar 07 2000 - 13:05:29 CST
- Next message: Eric Maiwald: "Re: ingreslock message"
- Previous message: Robert Graham: "Re: ingreslock message"
- In reply to: Dino Amato: "ingreslock message"
- Next in thread: Eric Maiwald: "Re: ingreslock message"
- Reply: H D Moore: "Re: ingreslock message"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ingreslock is the most common port that crackers put thier rootshells
on, because the majority of system admins don't know what it is and may
overlook it easily. It was probably just some script kiddie (or
"security consultant" who knows these days) scanning for forgotten
rootshells.
-HD
Dino Amato wrote:
>
> I logged this:
> Mar 5 15:58:23 monitor tcplogd: ingreslock connection attempt from unknownsleipnir1.cs.ucl.ac.uk
> what does the ingreslock mean and what was this person trying to do?
> Thanks
- Next message: Eric Maiwald: "Re: ingreslock message"
- Previous message: Robert Graham: "Re: ingreslock message"
- In reply to: Dino Amato: "ingreslock message"
- Next in thread: Eric Maiwald: "Re: ingreslock message"
- Reply: H D Moore: "Re: ingreslock message"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]