--=-4leDhtA6TSic2EzHYXca Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hmm, 'tis a nasty one. I wonder why it just now hit me, cox, and now several other broadband providers. Thanks for the links. On Fri, 2003-08-29 at 16:15, Jeffrey Pyne wrote: > On Friday, August 29, 2003 3:57 PM, Bryce C wrote: >=20 > > I was just running through my fw logs and I noticed ALOT of hits on > > port 901 (SWAT usually) and all from Cox addresses.=20 >=20 > A Google search turned up these links: >=20 > http://www.dshield.org/pipermail/list/2003-June/008480.php. =20 > http://www.dslreports.com/forum/remark,7041312~root=3Dsecurity,1~mode=3D= flat > =20 > http://securityresponse.symantec.com/avcenter/venc/data/backdoor.netdevil= .ht > ml >=20 > Looks like the kiddiez are playing with something called "NetDevil". >=20 > ~Jeff > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --=20 Bryce C CoBryce Communications --=-4leDhtA6TSic2EzHYXca Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQA/T+HO/wbq/C6yyPcRAmHnAJ9DjyRAL6dG7O/G2u2NpNdrOVCbOACfQoPi joPGDgYAjLKKGpUcwHrsNcM= =Ww73 -----END PGP SIGNATURE----- --=-4leDhtA6TSic2EzHYXca--