> These two addresses are probing my webservers to attempt to exploit a Microsoft
> vulnerability, looking for root.exe or cmd.exe. Whoever owns them should pull the
> plug and clean them up:
>
> 35.8.224.89 bard.cal.msu.edu
> 35.8.195.155 han-lab4.for.msu.edu
Gene,
Since there's not a high likelihood that the sysadmins for these systems will
be following MSUNAG, it would be best to send things like this to [log in to unmask],
unless you want to track down the sysadmins or netadmins yourself.
Doug
Doug Nelson [log in to unmask]
Network Manager Ph: (517) 353-2980
Computer Laboratory
Michigan State University
|