Tilted Forum Project Discussion Community - View Single Post

skaven · 01-25-2005, 06:17 PM

Those connections from a single IP are probably either a virus-infected PC randomly hitting your server and trying to infect it, or possibly somebody probing your FTP server to see if it's vulnerable. Seems logical for a script to make several connection attempts, each one using a different exploit, then if none get through, move to the next IP.

As long as your FTP client is up-to-date and doesn't have any known vulnerabilities, and you're up-to-date on your windows updates, you should be OK.

I wouldn't worry too much about password sniffing...the only time I've ever even heard of this working is at offices using old hub-based network equipment. You shouldn't have anything to worry about, unless you've got some really nosy sysadmins at your ISP...

01-25-2005, 06:17 PM	#8 (permalink)
skaven Insane Location: Austin, TX	Those connections from a single IP are probably either a virus-infected PC randomly hitting your server and trying to infect it, or possibly somebody probing your FTP server to see if it's vulnerable. Seems logical for a script to make several connection attempts, each one using a different exploit, then if none get through, move to the next IP. As long as your FTP client is up-to-date and doesn't have any known vulnerabilities, and you're up-to-date on your windows updates, you should be OK. I wouldn't worry too much about password sniffing...the only time I've ever even heard of this working is at offices using old hub-based network equipment. You shouldn't have anything to worry about, unless you've got some really nosy sysadmins at your ISP...