[PLUG] Latest round of Microsoft insecurity

Stafford A. Rau srau at rauhaus.org
Tue May 21 20:01:28 UTC 2002


Don't let your friends run M$ SQL Server (M-Squeal-Server) on an
unprotected host, if at all. Scanning for default or no password SQL
accounts, which lead to full system compromise, is running rampant right
now:


May  9 19:06:10 kort tcplogd: port 1433 connection attempt from [193.15.48.103]
May 20 11:21:30 kort tcplogd: port 1433 connection attempt from [198.182.98.6]
May 20 11:21:30 kort tcplogd: port 1433 connection attempt from [198.182.98.6]
May 20 11:21:30 kort tcplogd: port 1433 connection attempt from [198.182.98.6]
May 20 16:35:07 kort tcplogd: port 1433 connection attempt from [203.184.168.130]
May 20 16:35:11 kort tcplogd: port 1433 connection attempt from [203.184.168.130]
May 20 18:29:37 kort tcplogd: port 1433 connection attempt from [203.116.179.22]
May 20 18:29:38 kort tcplogd: port 1433 connection attempt from [203.116.179.22]
May 20 18:29:38 kort tcplogd: port 1433 connection attempt from [203.116.179.22]
May 20 18:51:59 kort tcplogd: port 1433 connection attempt from CPE00c049aa034a.cpe.net.cable.rogers.com [24.157.231.63]
May 20 18:51:59 kort tcplogd: port 1433 connection attempt from CPE00c049aa034a.cpe.net.cable.rogers.com [24.157.231.63]
May 20 18:52:00 kort tcplogd: port 1433 connection attempt from CPE00c049aa034a.cpe.net.cable.rogers.com [24.157.231.63]
May 20 19:51:58 kort tcplogd: port 1433 connection attempt from sdn-ar-001flfmyeP012.dialsprint.net [168.191.79.20]
May 20 19:51:58 kort tcplogd: port 1433 connection attempt from sdn-ar-001flfmyeP012.dialsprint.net [168.191.79.20]
May 20 19:51:59 kort tcplogd: port 1433 connection attempt from sdn-ar-001flfmyeP012.dialsprint.net [168.191.79.20]
May 20 19:52:00 kort tcplogd: port 1433 connection attempt from sdn-ar-001flfmyeP012.dialsprint.net [168.191.79.20]
May 20 20:06:03 kort tcplogd: port 1433 connection attempt from [209.45.51.222]
May 20 20:06:03 kort tcplogd: port 1433 connection attempt from [209.45.51.222]
May 20 20:06:04 kort tcplogd: port 1433 connection attempt from [209.45.51.222]
May 20 20:54:12 kort tcplogd: port 1433 connection attempt from 146-115-74-188.c3-0.lex-ubr1.sbo-lex.ma.cable.rcn.com [146.115.74.188]
May 20 20:54:12 kort tcplogd: port 1433 connection attempt from 146-115-74-188.c3-0.lex-ubr1.sbo-lex.ma.cable.rcn.com [146.115.74.188]
May 20 20:54:13 kort tcplogd: port 1433 connection attempt from 146-115-74-188.c3-0.lex-ubr1.sbo-lex.ma.cable.rcn.com [146.115.74.188]
May 20 21:56:22 kort tcplogd: port 1433 connection attempt from w194.z064001195.sea-wa.dsl.cnc.net [64.1.195.194]
May 20 21:56:23 kort tcplogd: port 1433 connection attempt from w194.z064001195.sea-wa.dsl.cnc.net [64.1.195.194]
May 20 21:56:23 kort tcplogd: port 1433 connection attempt from w194.z064001195.sea-wa.dsl.cnc.net [64.1.195.194]
May 21 04:03:21 kort tcplogd: port 1433 connection attempt from adsl-65-66-134-201.dsl.kscymo.swbell.net [65.66.134.201]
May 21 04:03:21 kort tcplogd: port 1433 connection attempt from adsl-65-66-134-201.dsl.kscymo.swbell.net [65.66.134.201]
May 21 04:03:21 kort tcplogd: port 1433 connection attempt from adsl-65-66-134-201.dsl.kscymo.swbell.net [65.66.134.201]
May 21 04:48:23 kort tcplogd: port 1433 connection attempt from host6-48.pool21759.interbusiness.it [217.59.48.6]
May 21 04:48:23 kort tcplogd: port 1433 connection attempt from host6-48.pool21759.interbusiness.it [217.59.48.6]
May 21 04:48:23 kort tcplogd: port 1433 connection attempt from host6-48.pool21759.interbusiness.it [217.59.48.6]
May 21 06:53:55 kort tcplogd: port 1433 connection attempt from bgrtrf071012.prexar.com [142.167.71.12]
May 21 06:53:55 kort tcplogd: port 1433 connection attempt from bgrtrf071012.prexar.com [142.167.71.12]
May 21 06:53:56 kort tcplogd: port 1433 connection attempt from bgrtrf071012.prexar.com [142.167.71.12]
May 21 06:53:56 kort tcplogd: port 1433 connection attempt from bgrtrf071012.prexar.com [142.167.71.12]
May 21 07:09:09 kort tcplogd: port 1433 connection attempt from 193.125.252.64.snet.net [64.252.125.193]
May 21 07:09:10 kort tcplogd: port 1433 connection attempt from 193.125.252.64.snet.net [64.252.125.193]
May 21 07:09:10 kort tcplogd: port 1433 connection attempt from 193.125.252.64.snet.net [64.252.125.193]
May 21 07:42:50 kort tcplogd: port 1433 connection attempt from cdm-208-246-134-brcs.cox-internet.com [208.180.246.134]
May 21 07:42:51 kort tcplogd: port 1433 connection attempt from cdm-208-246-134-brcs.cox-internet.com [208.180.246.134]
May 21 07:42:51 kort tcplogd: port 1433 connection attempt from cdm-208-246-134-brcs.cox-internet.com [208.180.246.134]
May 21 07:52:49 kort tcplogd: port 1433 connection attempt from ecpn98.ecpn.inri.com [208.167.96.98]
May 21 07:52:49 kort tcplogd: port 1433 connection attempt from ecpn98.ecpn.inri.com [208.167.96.98]
May 21 07:52:50 kort tcplogd: port 1433 connection attempt from ecpn98.ecpn.inri.com [208.167.96.98]
May 21 07:52:50 kort tcplogd: port 1433 connection attempt from ecpn98.ecpn.inri.com [208.167.96.98]
May 21 10:24:45 kort tcplogd: port 1433 connection attempt from diag43-191.sfsu.edu [130.212.43.191]
May 21 10:24:46 kort tcplogd: port 1433 connection attempt from diag43-191.sfsu.edu [130.212.43.191]
May 21 10:24:46 kort tcplogd: port 1433 connection attempt from diag43-191.sfsu.edu [130.212.43.191]
May 21 10:24:47 kort tcplogd: port 1433 connection attempt from diag43-191.sfsu.edu [130.212.43.191]
May 21 11:08:22 kort tcplogd: port 1433 connection attempt from dkc.demon.co.uk [212.228.109.217]
May 21 11:08:22 kort tcplogd: port 1433 connection attempt from dkc.demon.co.uk [212.228.109.217]
May 21 11:08:23 kort tcplogd: port 1433 connection attempt from dkc.demon.co.uk [212.228.109.217]
May 21 11:08:24 kort tcplogd: port 1433 connection attempt from dkc.demon.co.uk [212.228.109.217]

--Stafford




More information about the PLUG mailing list