On Mon, Mar 19, 2001 at 01:01:39PM -0800, Clayton Fiske had this to say:
Is there a (fairly) recent exploit for common ftp daemons going around lately? In the past several days, I've seen a very noticeable jump in the number of people attempting anonymous ftp logins. Typically I noticed it once or twice a week, and usually single attempts, but now they're coming in every few hours and they each make 4 attempts within a second (which is one per IP bound to the box I'm watching). It looks like it has to be some kind of script.
Anyone else seeing any noticeable increases like this?
probably due to the increasingly long thread on vulnerabilities in ftpds that is going on over in BUGTRAQ. Nothing too new, but every time a new 'sploit' is released there, every kiddie on the block just has to try it. -- Scott Francis scott@ [work:] v i r t u a l i s . c o m Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7 illum oportet crescere me autem minui