From owner-freebsd-security Tue Feb 2 08:40:26 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA03825 for freebsd-security-outgoing; Tue, 2 Feb 1999 08:40:26 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mta2-rme.xtra.co.nz (mta.xtra.co.nz [203.96.92.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA03819 for ; Tue, 2 Feb 1999 08:40:20 -0800 (PST) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker ([210.55.210.87]) by mta2-rme.xtra.co.nz (InterMail v04.00.02.07 201-227-108) with SMTP id <19990202164109.FBNL678125.mta2-rme@wocker>; Wed, 3 Feb 1999 05:41:09 +1300 From: "Dan Langille" Organization: The FreeBSD Diary To: "Daniel Minoru Saito" Date: Wed, 3 Feb 1999 05:40:11 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: what were these probes? Reply-to: junkmale@xtra.co.nz CC: In-reply-to: <003901be4e95$c2c58210$1400a8c0@basecamp.digital-canvas.com> X-mailer: Pegasus Mail for Win32 (v3.01d) Message-Id: <19990202164109.FBNL678125.mta2-rme@wocker> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org For those that may copy and paste, please note that it's cVvm.com. (mixed case used to indicate it's a double-v, not a w). On 2 Feb 99, at 19:21, Daniel Minoru Saito wrote: > Wait.. look where its originating out of.. from the nameserver. I bet ya > that that ns.cwm.com was hacked using the dns exploit. From there the > attack originated on.. So it would be in the best interest to say to the > administrator of cwm.com to do a security check. -- Dan Langille The FreeBSD Diary http://www.FreeBSDDiary.com/freebsd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message