On 2016-06-22 13:02, Jordi Guillaumes i Pons wrote:
On 20 June 2016, at 20:14, Brian Schenkenberger, VAXman- <system at TMESIS.COM> wrote:
108.31.82.9.
Uh, I'd bet the simulated 3900 is not the real origin of the attack you are getting. It
is probably behind a home DSL/cable router, with port 23 redirected to the 3900, which
has probably a private IP address masqueraded using NAT. So probably the node owner has
been hacked and zombified, regardless of him having a pet 3900 open to the net.
Thanks. I actually forgot to bring this up. I would be surprised if the
script kiddies of today would have the first clue on how to automate any
penetration attack actually from VMS... So it would be interesting to
actually find out a bit more on what actually happened on the
originating side...
Anyway, it would be good to send a heads up to the
operator. I can't see any QCOCAL node in HECNET, so I don't know who he is.
Haven't updated your database in a while? :-)
http://mim.update.uu.se/nodedb?search=qcocal&field=0&sort=0
Johnny