SpawnPoint: ScroTum

My Blog

MAC SECURITY FLAWS

2008-09-17

National Cyber Alert System

Technical Cyber Security Alert TA08-260A

Apple Updates for Multiple Vulnerabilities

Original release date: Sep 16, 2008

Last revised: --

Source: US-CERT

Systems Affected

* Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and

10.5.4 (Leopard)

* Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger)

and 10.5.4 (Leopard)

Overview

Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to

correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X

Server. Attackers could exploit these vulnerabilities to execute arbitrary

code, gain access to sensitive information, or cause a denial of service.

I. Description

Apple Security Update 2008-006 and Apple Mac OS X version 10.5.5 address a

number of vulnerabilities affecting Apple Mac OS X and Mac OS X Server

versions prior to and including 10.4.11 and 10.5.4. The update also

addresses vulnerabilities in other vendors' products that ship with Apple

Mac OS X or Mac OS X Server.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences include

arbitrary code execution, sensitive information disclosure, denial of

service, privilege escalation, or DNS cache poisoning.

III. Solution

Upgrade

Install Apple Security Update 2008-006 or Apple Mac OS X version 10.5.5.

These and other updates are available via Software Update or via Apple

Downloads.

IV. References

* Securing Your Web Browser -

* About the security content of Mac OS X v10.5.5 and Security Update 2008-006 -

* Mac OS X: Updating your software -

* US-CERT Vulnerability Notes for Apple Security Update 2008-006 -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with "TA08-260A Feedback VU#547251" in the

subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <

_________________________________________________________________

Produced 2008 by US-CERT, a government organization.

____________________________________________________________________

Revision History

September 16 2008: Initial release

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSNANfnIHljM+H4irAQLlgQf+PqS9CZoUf6f9zPZNbyKDhBYETyc31z6G

yrF/p3T2ZfH7qK43GbgSHbriAHi+nzlKdYk6vbt++6mE3Jr3QHmk/gyjp4BD8whS

1Qp6wamRmDUMgboseftfE/Pa/lAoFSejvUsGdgbkrNNH/95LcsPFqL+6pBQHna2c

nFyEz3vMMPGxJr99Nf0Vda0O255fcjpvcVddbj005wvmyA83IT43ZFgAoINkKDvi

qRo2jNmucDoQZTzX/ap1zU3ZSu5dBHlnH1qUK0BvFQSeLeGwaMoijkn2xqpCbzsV

4u3ErEkcLAQVMsTJBEzIs22WU4yRWF07eumhng3rIgGjbXuleNPfig==

=SOoC

-----END PGP SIGNATURE-----

http://www.us-cert.gov/reading_room/securing_browser/>http://support.apple.com/kb/HT3137>http://support.apple.com/kb/HT1338?viewlocale=en_US>http://www.kb.cert.org/vuls/byid?searchview&query=apple_security_update_2008_006>http://www.us-cert.gov/cas/techalerts/TA08-260A.html>http://www.us-cert.gov/cas/signup.html>.http://www.us-cert.gov/legal.html>

Posted in Information Security | 0 comments » 204 Views

PATCHIT

2008-04-11

The ThreatCon is currently at Level 2: Elevated.

The ThreatCon is currently at Level 2. The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570). At least three different sites are hosting the images; two different malicious binaries are associated with the attacks. Analysis of the images has shown that although they appear to be malicious, they do not contain enough data in the associated image property to sufficiently trigger the vulnerability. We are still investigating as to why this may be the case. Users are advised to apply the MS08-021 patches immediately. These attack attempts highlight the severity of this issue -- it is only a matter of time before new images that successfully trigger the issue are observed in the wild. Administrators are also advised to filter activity to the following IP addresses and/or domains: 211.239.126.10 (hxxp://igloofamily.com) 59.124.92.168 (hxxp://amrc.com.tw) ad.goog1e.googlepages.com Symantec IPS detects the exploit; however, some of the associated malware that is delivered with the attack is not detected. Symantec Security Response is currently investigating the undetected malware and will make detection available soon.

Posted in Information Security | 0 comments » 194 Views

INFOSECURITY

2008-04-08

For those of you who are interested. Symantec published its bi-annual Global internet security threat report. It can be read here.

http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf

Posted in Information Security | 0 comments » 169 Views

Office Updates

2008-03-12

National Cyber Alert System

Technical Cyber Security Alert TA08-071A

Microsoft Updates for Multiple Vulnerabilities

Original release date: March 11, 2008

Last revised: --

Source: US-CERT

Systems Affected

* Microsoft Office

* Microsoft Outlook

* Microsoft Excel

* Microsoft Excel Viewer

* Microsoft Office for Mac

* Microsoft Office Web Componenets

Overview

Microsoft has released updates that address vulnerabilities in

Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and

Office Web Components.

I. Description

Microsoft has released updates to address vulnerabilities that affect

Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and

Office Web Components as part of the Microsoft Security Bulletin

Summary for March 2008. The most severe vulnerabilities could allow a

remote, unauthenticated attacker to execute arbitrary code. For more

information, see the US-CERT Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain

elevated privileges, or cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the March

2008 security bulletin. The security bulletin describe any known

issues related to the updates. Administrators are encouraged to note

these issues and test for any potentially adverse effects.

Administrators should consider using an automated update distribution

system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft March 2008 updates

- <

* Microsoft Security Bulletin Summary for March 2008

- <

* Microsoft Update - <

* Windows Server Update Services - <

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with "TA08-071A Feedback VU#393305" in the

subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <

_________________________________________________________________

Produced 2008 by US-CERT, a government organization.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR9b0APRFkHkM87XOAQLTUwf9HHlM9vQfwMpmCv77RuJKdZgdn5bNTPQA

HjsABoxmVZzE4XnArclHPyMivO8x/oel6UFvZgG/h2oGFarK7h1WpvCFQKE/cNO8

c5o0tRhxMx+ri7w7DnkhmhbWTLQ8coqKjzAioKoc2mboNz+PamQO22INjS3ktOyL

dRA+qwxSsPN3Bi7NDS2DOdUeAA+VdMn0cQTDLHJ7ZPhzy7JOiVXwQwyO3CwNDeOl

C6+FGSk8o1BsMjdP6kRaGnQkgivBi1ID4dcAQA8h0K2IGDPkCBIYiGTvj9pNnpwZ

lrP6DdHyd2idzGEXr2R0VlTQPrhabs+YpZq+qzVh6f2tg+Lc9xBwHg==

=aCnE

-----END PGP SIGNATURE-----

http://www.kb.cert.org/vuls/byid?searchview&query=ms08-mar>http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx>https://www.update.microsoft.com/microsoftupdate/>http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>http://www.us-cert.gov/cas/techalerts/TA08-071A.html>http://www.us-cert.gov/cas/signup.html>.http://www.us-cert.gov/legal.html>

Posted in Information Security | 0 comments » 144 Views

Internet Stability

2007-11-16

The United Nations recently sponsored a conference to discuss the control of the Internets Domain Name System, AKA; the systems which manage the internet. Mostly under the control of the greatest empire ever, the USA. You would think the Russian goverment would be happy we keep the internet stable enough, so that all their woman can continue to make a living. But no, they are demanding that internet governence be under the control of an international community. "With no concrete recommendations for action coming from the meeting, the only certainty going forward is that any resentment about the American influence will only grow as more users from the developing world come online, changing the face of the global network. "

Link to the SlashDot Article: http://politics.slashdot.org/article.pl?sid=07/11/16/0548242&from=rss
LInk to the NY Times Article: http://www.nytimes.com/aponline/world/AP-Internet-Governance.html?ex=1352869200&en=92cbee1dbf87a2a9&ei=5088&partner=rssnyt&emc=rss

Posted in Information Security | 0 comments » 219 Views

Zombies not just Windows

2007-11-15

Dont you want to be a Zombie too?

For those of you using Apple computers. Patch it up or join the rest of the Zombie bot nets.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-319A

Apple Updates for Multiple Vulnerabilities

Original release date: November 15, 2007

Last revised: --

Source: US-CERT

Systems Affected

* Apple Mac OS X version 10.3.x and 10.4.x

* Apple Mac OS X Server version 10.3.x and 10.4.x

These vulnerabilities affect both Intel-based and PowerPC-based Apple

systems.

Overview

Apple has released Mac OS X 10.4.11 and Security Update 2007-008 to

address multiple vulnerabilities affecting Apple Mac OS X and Mac OS X

Server. The most serious of these vulnerabilities may allow a remote

attacker to execute arbitrary code. Attackers may take advantage of

the less serious vulnerabilities to bypass security restrictions or

cause a denial of service.

I. Description

Apple Mac OS X 10.4.11 and Security Update 2007-008 address a number

of vulnerabilities affecting Apple Mac OS X and OS X Server. Further

details are available in the related vulnerability notes.

Several of the fixes included in this update address vulnerabilities

in products from other vendors that ship with Apple OS X or OS X

Server. These products include

* BIND

* bzip2

* Adobe Flash

* MIT Kerberos

Apple Mac OS X 10.4.11 and Security Update 2007-008 address

vulnerabilities for versions 10.3.x and 10.4.x.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences

include remote execution of arbitrary code or commands, bypass of

security restrictions, and denial of service.

III. Solution

Install updates from Apple

Install Mac OS X 10.4.11 or Apple Security Update 2007-008. This and

other updates are available via Apple Update or via Apple Downloads.

IV. References

* Vulnerability notes for Apple Security Update 2007-008 -

* About the security content of Mac OS X 10.4.11 and Security Update

2007-008 - <

* Mac OS X: Updating your software -

* Apple downloads - <

* ISC BIND - <

* bzip2 : Home - <

* Adobe - Adobe Flash Player -

* Kerberos: The Network Authentication Protocol -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with "TA07-319A Feedback VU#498105" in the

subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

____________________________________________________________________

Revision History

November 15, 2007: Initial release

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRzx7ZvRFkHkM87XOAQJfIQgAmTZfjJAY/QTweUmvZtOJ9JQ4e/Gj0sE9

OPSrK/SplP92WUL1Ucb8I/VUSQEXXJhNv9dTCMcy7IMpqhx4UxPA6fBKWDJ+nUFi

sx/60EOAiIVW+yYK79VdoI1jrSs48E+CNdqEJCQcjUCVi29eGAdW63H2jOZV37/F

4iQBZYRqhiycZ9FS+S+9aRfMhfy8dEOr1UwIElq6X/tSwss1EKFSNrK5ktGifUtB

AJ+LJVBt2yZOIApcGhsxC3LYUDrDfhqGLIVM2XBc1yuV7Y2gaH4g9Txe+fWK79X2

LYHvhv2xtgLweR12YC+0hT60wSdrDTM6ZW0//ny25LZ7Y7D46ogSWQ==

=AgEr

-----END PGP SIGNATURE-----

http://www.kb.cert.org/vuls/byid?searchview&query=apple_2007_008>http://docs.info.apple.com/article.html?artnum=307041>http://docs.info.apple.com/article.html?artnum=106704>http://www.apple.com/support/downloads/>http://www.isc.org/sw/bind/>http://www.bzip.org/>http://www.adobe.com/products/flashplayer/>http://web.mit.edu/Kerberos/>http://www.us-cert.gov/cas/techalerts/TA07-319A.html>http://www.us-cert.gov/cas/signup.html>.http://www.us-cert.gov/legal.html>

Posted in Information Security | 0 comments » 309 Views

MS UPDATES

2007-11-14

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-317A

Microsoft Updates for Multiple Vulnerabilities

Original release date: November 13, 2007

Last revised: --

Source: US-CERT

Systems Affected

* Microsoft Windows

* Microsoft Windows DNS Server

Overview

Microsoft has released updates that address critical vulnerabilities

in Microsoft Windows and Microsoft Windows DNS Server. Exploitation of

these vulnerabilities could allow a remote, unauthenticated attacker

to execute arbitrary commands or to cause a Windows DNS server to

provide incorrect DNS responses.

I. Description

Microsoft has released updates to address vulnerabilities that affect

Microsoft Windows and Microsoft Windows DNS Server as part of the

Microsoft Security Bulletin Summary for November 2007. The most severe

vulnerabilities could allow a remote, unauthenticated attacker to

execute arbitrary commands or cause a Windows DNS server to provide

incorrect DNS responses.

Further information about the vulnerabilities addressed by these

updates is available in the Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary commands on

a vulnerable system. An attacker may also be able to cause a Windows

DNS server to provide incorrect responses to DNS queries.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the

November 2007 security bulletins. The security bulletins describe any

known issues related to the updates. Administrators are encouraged to

note any known issues that are described in the bulletins and test for

any potentially adverse effects.

System administrators should consider using an automated patch

distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft November 2007 updates -

* Microsoft Security Bulletin Summary for November 2007 -

* Microsoft Update - <

* Windows Server Update Services -

* Securing Your Web Browser -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with "TA07-317A Feedback VU#484649" in the

subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

____________________________________________________________________

Revision History

November 13, 2007: Initial release

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRzn+L/RFkHkM87XOAQIP7wgAmXsO3NefxyFn/eFlaLvWeGpVNLUQKdso

VuU2/ktEtMNKQeFgsoZnFMHuKWp2hIMXZPCrelegVHszYHwSmE92QsHvumxVg863

iP3e4wXoL5uYpoYXJuZRl8Ee65GdRlsZBp2HS5bqDm2yWAdKLyEfyVArkmvjJFkM

LydRRMVYnyl4aLBGDh/xzowu6jtKmdMRtFQYDac6A/lNdJpAm6lo8OKPG2mY80vh

8acL6ObfFT45UpYkxCFaCvRMn4/Ts24j3cpnQxmNE9/veENVJxumT6sUH56rrkw/

vLZIK1QMWGPXOXOg9rc7UktWqc9iYFsHmTVC8kwB8ksfk26drpmu1w==

=24yY

-----END PGP SIGNATURE-----

http://www.kb.cert.org/vuls/byid?searchview&query=ms07-nov>http://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx>https://update.microsoft.com/microsoftupdate/>http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>http://www.cert.org/tech_tips/securing_browser/>http://www.us-cert.gov/cas/techalerts/TA07-317A.html>http://www.us-cert.gov/cas/signup.html>.http://www.us-cert.gov/legal.html>

Posted in Information Security | 0 comments » 324 Views

More patches... APPLE

2007-11-07

National Cyber Alert System

Technical Cyber Security Alert TA07-310A

Apple QuickTime Updates for Multiple Vulnerabilities

Original release date: November 06, 2007

Last revised: --

Source: US-CERT

Systems Affected

Vulnerabilities in Apple QuickTime affect

* Apple Mac OS X

* Microsoft Windows

Overview

Apple QuickTime contains multiple vulnerabilities. Exploitation of

these vulnerabilities could allow a remote attacker to execute

arbitrary code or cause a denial-of-service condition.

I. Description

Apple QuickTime 7.3 resolves multiple vulnerabilities in the way

different types of image and media files are handled. An attacker

could exploit these vulnerabilities by convincing a user to access a

specially crafted image or media file that could be hosted on a web

page.

Note that Apple iTunes installs QuickTime, so any system with iTunes

is vulnerable.

II. Impact

These vulnerabilities could allow a remote, unauthenticated attacker

to execute arbitrary code or commands and cause a denial-of-service

condition. For further information, please see About the security

content of QuickTime 7.3.

III. Solution

Upgrade QuickTime

Upgrade to QuickTime 7.3. This and other updates for Mac OS X are

available via Apple Update.

Secure your web browser

To help mitigate these and other vulnerabilities that can be exploited

via a web browser, refer to Securing Your Web Browser.

References

* About the security content of the QuickTime 7.3 Update -

* How to tell if Software Update for Windows is working correctly when no updates are available -

* Apple QuickTime Download - <

* Mac OS X: Updating your software -

* Securing Your Web Browser -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with "TA07-310A Feedback VU#208011" in the

subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.

http://docs.info.apple.com/article.html?artnum=306896>http://docs.info.apple.com/article.html?artnum=304263>http://www.apple.com/quicktime/download/>http://docs.info.apple.com/article.html?artnum=106704>http://www.us-cert.gov/reading_room/securing_browser/>http://www.us-cert.gov/cas/techalerts/TA07-310A.html>http://www.us-cert.gov/cas/signup.html>.http://www.us-cert.gov/legal.html>

Posted in Information Security | 0 comments » 189 Views

Patch you Zombies

2007-10-25

Adobe has released updates for the Adobe Reader and Adobe Acrobat

product families. The update addresses a URI handling vulnerability in

Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.

Public reports indicate that this vulnerability is being actively

exploited with malicious PDF files. Adobe has released Adobe Reader

8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability.

http://www.adobe.com/support/security/bulletins/apsb07-18.htm>http://www.microsoft.com/technet/security/advisory/943521.mspx>http://www.kb.cert.org/vuls/id/403150>

* Adobe Security Bulletin APSB07-18 -

* Microsoft Security Advisory (943521) -

* US-CERT Vulnerability Note VU#403150 -

Posted in Information Security | 0 comments » 244 Views

MS UPDATES

2007-10-09

Today Microsoft released six bulletins which repair a total of nine vulnerabilities. None of these vulnerabilities resolved the two current Microsoft denial-of-service zero-day vulnerabilities.

http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx

Updat your windows machines or become a ZOMBIE!! and not the good first person shooter kind!

Posted in Information Security | 2 comments » 268 Views

BOTNETS

2007-10-05

This is an interesting report regarding BotNets. For those of you who don’t know yet, botnets are hundreds of thousands of compromised machines controlled by a single group or entity, usually used for malicious purposes. These botnets are mostly Windows machines without windows updates. That’s right. If you don’t update your windows operating system you could be playing a part of these zombie networks.

As a gaming community we have many geeks running 'alternative' desktop operating systems and servers. These latest reports are showing that Linux is also vulnerable to these groups. http://computerworld.co.nz/news.nsf/scrt/CD0B9D97EE6FE411CC25736A000E4723

If your interested in information security and you want me to discus a particular subject please let me know.

Posted in Information Security | 0 comments » 247 Views

Internet Flows

2007-10-01

This goes on all day long on just one of our FTP servers.

000003) 9/18/2007 10:14:46 AM - (not logged in) (203.146.145.180)> Connected, sending welcome message...

(000003) 9/18/2007 10:14:46 AM - (not logged in) (203.146.145.180)> 220 PHXX FTP 1

(000003) 9/18/2007 10:14:47 AM - (not logged in) (203.146.145.180)> USER anonymous

(000003) 9/18/2007 10:14:47 AM - (not logged in) (203.146.145.180)> 331 Password required for anonymous

(000003) 9/18/2007 10:14:47 AM - (not logged in) (203.146.145.180)> PASS ****************

(000003) 9/18/2007 10:14:47 AM - anonymous (203.146.145.180)> 230 Logged on

(000003) 9/18/2007 10:14:47 AM - anonymous (203.146.145.180)> CWD /_vti_pvt/

(000003) 9/18/2007 10:14:47 AM - anonymous (203.146.145.180)> 550 CWD failed. "/_vti_pvt": directory not found.

(000003) 9/18/2007 10:14:48 AM - anonymous (203.146.145.180)> CWD /upload/

(000003) 9/18/2007 10:14:48 AM - anonymous (203.146.145.180)> 550 CWD failed. "/upload": directory not found.

(000003) 9/18/2007 10:14:48 AM - anonymous (203.146.145.180)> CWD /home/

(000003) 9/18/2007 10:14:48 AM - anonymous (203.146.145.180)> 550 CWD failed. "/home": directory not found.

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> CWD /public/

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> 550 CWD failed. "/public": directory not found.

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> CWD /pub/

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> 550 CWD failed. "/pub": directory not found.

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> CWD /temp/

(000003) 9/18/2007 10:14:49 AM - anonymous (203.146.145.180)> 250 CWD successful. "/temp" is current directory.

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> MKD 070918211607p

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> 550 Can't create directory. Permission denied

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> CWD /wwwroot/

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> 550 CWD failed. "/wwwroot": directory not found.

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> CWD /cgi-bin/

(000003) 9/18/2007 10:14:50 AM - anonymous (203.146.145.180)> 550 CWD failed. "/cgi-bin": directory not found.

(000003) 9/18/2007 10:14:51 AM - anonymous (203.146.145.180)> CWD /cgibin/

(000003) 9/18/2007 10:14:51 AM - anonymous (203.146.145.180)> 550 CWD failed. "/cgibin": directory not found.

(000003) 9/18/2007 10:14:51 AM - anonymous (203.146.145.180)> CWD /incoming/

(000003) 9/18/2007 10:14:51 AM - anonymous (203.146.145.180)> 550 CWD failed. "/incoming": directory not found.

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> CWD /in/

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> 550 CWD failed. "/in": directory not found.

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> CWD /_vti_cnf/

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> 550 CWD failed. "/_vti_cnf": directory not found.

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> CWD /_vti_txt/

(000003) 9/18/2007 10:14:52 AM - anonymous (203.146.145.180)> 550 CWD failed. "/_vti_txt": directory not found.

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> CWD /_vti_log/

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> 550 CWD failed. "/_vti_log": directory not found.

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> CWD /anonymous/

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> 550 CWD failed. "/anonymous": directory not found.

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> CWD /outgoing/

(000003) 9/18/2007 10:14:53 AM - anonymous (203.146.145.180)> 550 CWD failed. "/outgoing": directory not found.

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> CWD /tmp/

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> 550 CWD failed. "/tmp": directory not found.

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> CWD /mailroot/

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> 550 CWD failed. "/mailroot": directory not found.

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> CWD /ftproot/

(000003) 9/18/2007 10:14:54 AM - anonymous (203.146.145.180)> 550 CWD failed. "/ftproot": directory not found.

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> CWD /images/

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> 550 CWD failed. "/images": directory not found.

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> CWD /_private/

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> 550 CWD failed. "/_private": directory not found.

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> CWD /usr/

(000003) 9/18/2007 10:14:55 AM - anonymous (203.146.145.180)> 550 CWD failed. "/usr": directory not found.

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> CWD /pub/incoming/

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> 550 CWD failed. "/pub/incoming": directory not found.

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> CWD /public/incoming/

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> 550 CWD failed. "/public/incoming": directory not found.

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> CWD /anonymous/_vti_pvt/

(000003) 9/18/2007 10:14:56 AM - anonymous (203.146.145.180)> 550 CWD failed. "/anonymous/_vti_pvt": directory not found.

(000003) 9/18/2007 10:14:57 AM - anonymous (203.146.145.180)> CWD /anonymous/incoming/

(000003) 9/18/2007 10:14:57 AM - anonymous (203.146.145.180)> 550 CWD failed. "/anonymous/incoming": directory not found.

(000003) 9/18/2007 10:14:57 AM - anonymous (203.146.145.180)> CWD /anonymous/pub/

(000003) 9/18/2007 10:14:57 AM - anonymous (203.146.145.180)> 550 CWD failed. "/anonymous/pub": directory not found.

(000003) 9/18/2007 10:14:58 AM - anonymous (203.146.145.180)> CWD /anonymous/public/

(000003) 9/18/2007 10:14:58 AM - anonymous (203.146.145.180)> 550 CWD failed. "/anonymous/public": directory not found.

(000003) 9/18/2007 10:14:58 AM - anonymous (203.146.145.180)> CWD /usr/incoming/

(000003) 9/18/2007 10:14:58 AM - anonymous (203.146.145.180)> 550 CWD failed. "/usr/incoming": directory not found.

(000003) 9/18/2007 10:14:58 AM - anonymous (203.146.145.180)> disconnected.

(000004) 9/19/2007 22:36:17 PM - (not logged in) (65.37.156.41)> Connected, sending welcome message...

(000004) 9/19/2007 22:36:17 PM - (not logged in) (65.37.156.41)> 220 PHXX FTP 1

(000004) 9/19/2007 22:36:17 PM - (not logged in) (65.37.156.41)> USER anonymous

(000004) 9/19/2007 22:36:18 PM - (not logged in) (65.37.156.41)> 331 Password required for anonymous

(000004) 9/19/2007 22:36:18 PM - (not logged in) (65.37.156.41)> PASS ****************

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 230 Logged on

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /RECYCLER/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/RECYCLER": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /public/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/public": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /pub/incoming/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/pub/incoming": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /incoming/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/incoming": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /_vti_pvt/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_vti_pvt": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /pub/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/pub": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /upload/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/upload": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /pub/incoming/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/pub/incoming": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /upload/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/upload": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /in/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/in": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 250 CWD successful. "/" is current directory.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> MKD 070919221930p

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 Can't create directory. Permission denied

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /_vti_pvt/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_vti_pvt": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /_vti_txt/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_vti_txt": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /_vti_log/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_vti_log": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /wwwroot/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/wwwroot": directory not found.

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> CWD /anonymous/

(000004) 9/19/2007 22:36:18 PM - anonymous (65.37.156.41)> 550 CWD failed. "/anonymous": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /public/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/public": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /outgoing/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/outgoing": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /temp/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 250 CWD successful. "/temp" is current directory.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> MKD 070919221931p

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 Can't create directory. Permission denied

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /tmp/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/tmp": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /anonymous/_vti_pvt/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/anonymous/_vti_pvt": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /anonymous/incoming/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/anonymous/incoming": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /mailroot/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/mailroot": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /ftproot/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/ftproot": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /anonymous/pub/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/anonymous/pub": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /anonymous/public/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/anonymous/public": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /_vti_cnf/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_vti_cnf": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /images/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/images": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /_private/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/_private": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /cgi-bin/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/cgi-bin": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /cgibin/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/cgibin": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /usr/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/usr": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /usr/incoming/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/usr/incoming": directory not found.

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> CWD /home/

(000004) 9/19/2007 22:36:19 PM - anonymous (65.37.156.41)> 550 CWD failed. "/home": directory not found.