|
Posted by Roy Penfold on November 27, 2005, 11:18 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Our tripwire system picked up an intrusion attempt onto our main server and
alerted me at 02:00 this morning.
It loooks as though someone found a way into our network and discovered an
email to our new network admin giving passwords etc.
I have changed all passwords and am in the processof changing usernames/IP
addressess.
Log files are being sent to Sussex Police. As a result of this, I would
recommend not attempting to connect on any of the IPs listed.
Many thanks for you attention on this guys.
Roy Penfold
IT Manager
STAMCO Timber
>
>>Jim Watt wrote:
>>>
>>>
>>>>Christian Fuß wrote:
>>>>
>>>>>The Accounts are all real.... holy shit...
>>>>>
>>>>>are you high? omfg!
>>>>
>>>>the web site is still up and looks untouched. Was the FTP address u/n
>>>>p/w valis as well? I can't look from the UK because of the computer
>>>>misuse act lol. It's a business site!
>>>>
>>>>lol My bet is a manager who was just fired
>>>
>>>
>>> If so he deserves to be, and worse.
>>>
>>> However, looking at their wensite it seems they had a problem with
>>> a spammer using their address, so maybe this is his way of 'paying
>>> them back'
>>>
>>> I've notified them, the rest is their problem. Dunno how hot the
>>> Sussex police are on computer crime, but if you live in the UK
>>> I'd refrain from trying any of those uid's
>>
>>I'm not going to even attempt to try the uid's, I AM going to be on the
>>phone to them at 7:30 tomorrow when they open shop, might get a new
>>client out of them :)
>>
>>I'm in Sussex, so they're almost local. I'll post back
>
> You can mail me via the response form on my website,
> I used to live in Haywards Heath but escaped via LGW
>
> Checking the external addresses they are not responding so maybe
> someone has caught on already.
> --
> Jim Watt
> http://www.gibnet.com
| 
XML site map