Server in Iran compromised.
Who is launching the scan? Is it a random script kiddie or maybe a bot farm, using the Iranian server?
A sophisticated attacker may actually use some simple "script kiddie" tools first, in order to hide out in the noise of bot probes. What computers are they taking over?
And port 5900 (VNC) appears to be the main attack method.
| Discovered Targets: | 1867 |
| First Reported: | 2007-05-11 |
| Most Recent Report: | 2007-05-02 |
Whom is using this Iranian server?
Whom are they attacking?
How many more Iranian servers penetrated?
Breaking:
Gerald
No comments:
Post a Comment