From: Craig A. Huegen (no email)
Date: Sun Apr 12 1998 - 15:35:44 EDT
On Sun, 12 Apr 1998, Alex P. Rudnev wrote:
==>Remember, this intruders use small ISP as their service providers, not
==>huge MCI or SPRINT.
Actually, the majority of these people use compromised root accounts in
educational institutions, educational residence halls w/ Ethernet,
enterprises w/o decent firewalls, and co-location machines.
There are lists which exist of over 200-300 compromised root accounts and
access capabilities from which someone can launch an attack.