Attack Report for Observation

Header

Time

2022/06/15, 03:32:04 (GMT)

Transaction ID

WXKVX9PRYSL0BEEN

Service

ftp

Location

BE (Belgium)

Attacker

34.140.248.32

Classification

Anonymous credential request

Harm Potential

Medium

Description

Anonymous user-pass authentication login method

Content

Client : 34.140.248.32:53234 is connected to ftp://ftp.***********:21
220 ftpsrv Microsoft FTP Service <Version 5.0>.
USER anonymous
331 OK.
PASS anonymous@
230 OK.
OPTS UTF8 ON
451 Sorry.
PWD
257 "/"
TYPE A
200 Type set to I
PASV
227 Entering Passive Mode (0,0,0,0,128,43).
LIST
150 Here comes the directory listing.
226 Directory send OK.
CWD /
200 OK.

Client : 34.140.248.32:53234 is disconnected from ftp://ftp.***********:21

All observations are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate