OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: zeno (bugtraqcgisecurity.net)
Date: Mon Feb 25 2002 - 07:38:27 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    > I have trouble believing someone would go to the trouble of collecting
    > compromised hosts and then waste them stealthily scanning for
    > vulnerabilities which even inattentive admins are likely to have patched
    > and will trigger any halfway decent IDS but a quick google didn't turn up
    > anything much.
    > Does anyone know what might be causing this?

    People do collect infected hosts for use with ddos nets or machines to bounce from.
    I still get valid code red hits almost daily which means alot of people still haven't
    patched. I would find it very probable someone is collecting infected/backdoored hosts
    for use in a ddos. Its very easy to upload a trojan and gain full access to these machines
    so I don't understand why people wouldn't be scanning.

    - zenocgisecurity.com

    >
    > Chris
    >
    >
    >
    > ----------------------------------------------------------------------------
    > This list is provided by the SecurityFocus ARIS analyzer service.
    > For more information on this free incident handling, management
    > and tracking system please see: http://aris.securityfocus.com
    >
    >

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com