[plug] What was that? (firewall breached?)
bob
bob at fots.org.au
Fri May 16 00:33:06 WST 2003
I just had someone walk through my firewall and start an ftp session.
May 15 23:55:29 fots proftpd[32114]: fots.org.au
(202.155.104.210[202.155.104.210]) - FTP session opened.
May 15 23:55:34 fots proftpd[32114]: fots.org.au
(202.155.104.210[202.155.104.210]) - FTP session closed.
didn't seem to do much other than open and close the session but I am a bit
confused as to how they did this as port 20 &21 are closed to the outside
world. I have since blackholed the IP and shut down proftpd... anything
else I should do?
Any ideas as to how they did that?
--
Q: How does a hacker fix a function which
doesn't work for all of the elements in its domain?
A: He changes the domain.
More information about the plug
mailing list