|
 |
| Most Recently Resolved Incidents |  |
| | Time Closed (UTC) | ISP | Incident ID | Comment | | 8 Jul 2008 19:49:23 | techvalleycom.com | 696132 | Responsible party indicated that the customer was warned. | | 8 Jul 2008 16:46:28 | netdirekt.de | 868273 | Infection via 71.33.236.177 (notified). | | 8 Jul 2008 14:34:10 | colosseum.com | 413419 | We are working with our client to resolve their compromised server. Our apologies to those who have experienced brute-force SSH hack attempts, and our thanks for your reports! | | 8 Jul 2008 12:32:44 | renater.fr | 874772 | Responsible party indicated that the customer was warned. | | 8 Jul 2008 09:53:06 | hp.com | 267332 | Upon investigation, CITSIRT has been unable to locate the machine referenced.
The IP address 15.235.147.254 is in the netblock assigned
to HP, but no machine with that IP address was located.
In fact, there is no such active subnet within HP.
Thus, it is likely that the IP address was spoofed.
Regards,
Hanns Balzer
HP IT Security
CITSIRT: Corporate IT Security Incident Response Team
Hotline: +1-650-857-5120 / citsirt@hp.com / http://citsirt.itsecurity.hp.com
|
|
