[ntp:security] hacking

Brad Knowles knowles at ntp.org
Sun Dec 2 07:14:13 UTC 2007


On 12/1/07, Roger Mew wrote:

>  Hi my system has caught a potential hacker from your system the report is
>  as follows:-
>  Dec 1 22:10:38 kernel: Intrusion detected from 89.84.177.28. Source port
>  is 1899, and destination port is 40713 which use the TCP protocol.
>
>  Dec 1 22:10:41 kernel: Intrusion detected from 89.84.177.28. Source port
>  is 1899, and destination port is 40713 which use the TCP protocol.
>
>  Dec 1 22:10:47 kernel: Intrusion detected from 89.84.177.28. Source port
>  is 1899, and destination port is 40713 which use the TCP protocol.
>
>  I am having repeated problems from FT and I think I know why but you need
>  to investigate what and why.

I am sorry, but we have nothing to do with the network in question. 
According to the Routing Arbiter database, the entire 89.80.0.0/12 
network is owned by the T-Online France (a large ISP in France, whose 
parent company I believe is T-Online in Germany, which is one of the 
largest ISPs in all of Europe).

You need to contact them with any questions you may have regarding 
issues with the network in question.

-- 
Brad Knowles <knowles at ntp.org>       Postmaster, Listmaster, & PGP Keymaster
     <http://support.ntp.org/bin/view/Main/ContributorsList>


More information about the security mailing list