[nsp-sec] Any IRC admins around? real long shot
David Freedman
david.freedman at uk.clara.net
Tue Dec 7 15:48:08 EST 2010
A real long shot here, would anybody be able to assist with finding out some
information about some connections sunday evening (GMT) which we believe
were the precursor to an attack?
2010-12-05 20:05:26.667 0.000 TCP 94.125.182.255:7000 ->
213.2.28.75:56884 1000 130000 1 (undernet)
2010-12-05 20:05:56.881 0.000 TCP 66.198.80.67:7000 ->
213.2.28.75:34542 1000 132000 1 (efnet)
Would absolutely love more information about who from the victim network
(213.2.28.75) was online and using IRC before this attack started Sunday
evening (around 8PM GMT) as the customer is pretty adamant that they've had
no unauthorised access!
Dave.
--
David Freedman
Group Network Engineering
david.freedman at uk.clara.net
Tel +44 (0) 20 7685 8000
Claranet Group
21 Southampton Row
London - WC1B 5HA - UK
http://www.claranet.com
Company Registration: 3152737 - Place of registration: England
All the information contained within this electronic message from Claranet
Ltd is covered by the disclaimer at http://www.claranet.co.uk/disclaimer
More information about the nsp-security
mailing list