19 Mar
2001
19 Mar
'01
4:01 p.m.
Is there a (fairly) recent exploit for common ftp daemons going around lately? In the past several days, I've seen a very noticeable jump in the number of people attempting anonymous ftp logins. Typically I noticed it once or twice a week, and usually single attempts, but now they're coming in every few hours and they each make 4 attempts within a second (which is one per IP bound to the box I'm watching). It looks like it has to be some kind of script. Anyone else seeing any noticeable increases like this? -c