On Mon, 14 Dec 1998, Phil Howard wrote:
Just a few minutes ago, another attempted IMAPD breakin. This one originated from rock.careers.csulb.edu [134.139.149.100]. It was logged at Dec 14 16:59:56 CST.
Yea... They are going on all over the net. The problem is that many people are on the net putting up boxes that have the 'standard' OS install and not patching the system or following bugtraq etc. They get into one and than another and another. There really needs to be a clearing house for companies to get together and help track down these so called great hackers (script kiddies). We had a breakin from gtecablemodem.com around midnight and couldn't get a hold of anyone. We don't peer with them so our contact info was limited. I even check out the noc page info sites and they (as well at GTE) were not listed. But, to this day, they still have an open relay on their cable modem network that allows script kiddies from around the world to use them(1). We are starting to put together information for nocs and now we need numbers for network security in each company... Maybe NANSG (North American Network Security Group). Than when we attend mettings, we can sign each others PGP key so we know who we are dealing with. Christian (1) if anyone from GTE Cable would like to contact me, I would be glad to give them the site they are using as a relay.