[lug] Attempted hack from

Paul Bille Paul at ebille.cudenver.edu
Wed Apr 24 10:24:20 MDT 2002

> As for the "wall of shame", I get way over half of all my hack attempts
from "wanadoo.fr"

I blocked connections from abo.wanadoo.fr a while back for exactly that
reason.  These folks are wasting our bandwidth for, I suspect, malicious

Add to the "wall of shame" and put them in your hosts.deny

Early yesterday morning (GMT -7:00 here in the Rocky Mtns USA) I had someone
from France drop a little present on my FTP server.  The server is
intentionally set up so that incoming files cannot be retrieved nor can they
be executed.  I changed the permissions to -rw-r--r-- for peace of mind.

Apr 21 13:55:46 liz ftpd[27511]: ANONYMOUS FTP LOGIN FROM
lns01v-6-153.w.club-internet.fr [], anonymous at on.the.net
Sun Apr 21 13:57:05 2002 35 lns01v-6-153.w.club-internet.fr 28160
/var/ftp/incoming/love.exe b _ i a anonymous at on.the.net ftp 0 * c
-rwxrwxr-x    1 ftp      ftp         28160 Apr 21 13:57 love.exe

The executable is smaller than W95.SoFunny.Worm at m so I don't know what it
is.  Has anyone else seen anything like this?


More information about the LUG mailing list