Waraxe IT Security Portal
Login or Register
November 22, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 138
Members: 0
Total: 138
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> General discussion -> Need some advice
Post new topicReply to topic View previous topic :: View next topic
Need some advice
PostPosted: Sat Sep 24, 2005 10:08 pm Reply with quote
darkclaw
Regular user
Regular user
Joined: Aug 04, 2005
Posts: 14




Hello!
There is a guy whois using some shells to DoS my UO server.
He is using a BNC on IRC:
C4nt1 is ~FullT@yl27hlvL2ak.211.233.12.O

How do I contact the owner of that network so they can fix their computer?
He is using some shellbot script written in Perl by Atrix Team, its a brazilian group.
You can take a look at script in: http://www.atrix-team.org/files/shellbot
And in the BNC here: http://www.atrix-team.org/files/Atrix_BNC-1.7.tgz

How to avoid being DoSsed?
Thanks!
View user's profile Send private message
PostPosted: Fri Sep 30, 2005 1:31 am Reply with quote
UrlGuy
Regular user
Regular user
Joined: Jul 20, 2005
Posts: 16
Location: Norway




whois.sc/ip
if you meant 211.233.12.0 as IP its owner is "Korea Internet Data Center Inc" abuse: hostmaster@nic.or.kr .
You can customise some rules with Snort to avoid some DoS'. Smile
View user's profile Send private message Visit poster's website MSN Messenger
Re: Need some advice
PostPosted: Wed Oct 05, 2005 5:08 pm Reply with quote
LINUX
Moderator
Moderator
Joined: May 24, 2004
Posts: 404
Location: Caiman




darkclaw wrote:
Hello!
There is a guy whois using some shells to DoS my UO server.
He is using a BNC on IRC:
C4nt1 is ~FullT@yl27hlvL2ak.211.233.12.O

How do I contact the owner of that network so they can fix their computer?
He is using some shellbot script written in Perl by Atrix Team, its a brazilian group.
You can take a look at script in: http://www.atrix-team.org/files/shellbot
And in the BNC here: http://www.atrix-team.org/files/Atrix_BNC-1.7.tgz

How to avoid being DoSsed?
Thanks!


correct is normal this, you server have one vul permit attacker run BNC or shell bot for run commands in one irc server (spam, bnc for anonymous, ddos attack, and much more)

paste here uname -a, look ports 1666 9865 4561 44464 66666 brasilian like run this backdoors, disable perl for nobody user, and look what process running
View user's profile Send private message Visit poster's website
PostPosted: Sat Oct 08, 2005 10:13 pm Reply with quote
darkclaw
Regular user
Regular user
Joined: Aug 04, 2005
Posts: 14




Sorry Linux but i didn't understand a word you said.
I don't have access to the computer that guy is using, I wanted to contact their administrator so they can fix it. I told some guy is using "ghost" computers do DoS my UO Server, who is Windows 2003 based.
I have never used Snort. I will try that.
Thanks.
View user's profile Send private message
Need some advice
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.043 Seconds