*SHORT* summary of some of the attacks against us for Aug 2004

   Just too many scans and not enough time to keep the list up all the time
    so... some of the more intresting scans/attacks, or 1 day samples are here
 

 year - time EASTERN source_ip[:port] (dns name, if any) attack/scan/notes


2004/08/25-09:10:33 host-on-campus - scanned multiple machines, attacked and entered 1 machine, did  net stop "AVSync Manager"
2004/08/25-09:10:33 host-on-campus - used c:\winlog.txt as input to ftp command to 146.110.122.41 port 9050, user hack. fetch uptime.exe, 2mb. rename 2mb autoemf.exe
2004/08/25-09:10:33 host-on-campus - Sent mail to funky_chicken@SexMagnet.com
2004/08/25-09:23:11 145.99.223.42 - connect directly to our machine for more fun. Seems to come from some dsl line.
2004/08/29-19:03:51.05 201.128.50.40 (dsl-201-128-50-40.prod-infinitum.com.mx) scan net on ftp trying to loign as root passwd root - sheesh
2004/08/31-10:47:27 202.64.28.81 () try to login as root via ssh - machine scan. New hole in ssh?