Hi,

Got a letter from NTL a few days ago from the security team, claiming unauthorised access attempts have been tracked back to my account.

I run a Linux box at home, but AFAIK it's secured. Anyone else seen this? What precisely do they mean?

Rgds,
Dan

Not too sure about the tech side of this but they normally give you a number to call...being a sat they will not be there...give it a bell on monday if they have given a number

Sorry this is if no help but i say it here as tech support will not be able to help you as its a seperate department

hmmm i would defo give them a ring,
do you not have any access logs you can check?


:welcome:

https://www.cableforum.co.uk/images/local/2005/07/8.gif

it could have some bearing on this thread here 29566

http://bestsmileys.com/signs15/22.gif

it could have some bearing on this thread here 29566

Probably not.

If ntl's security team have contacted you, it is because they have tracked the incident based on an IP address, that thread deals with abuse on a non ntl server, so that would not be dealt with by ntl's security team.

Call the number they have supplied to you on the letter - BUT - if they have given you some instructiond, do those also, there is a good chance your PC/Network may have been compromised in some way, and they may be providing you with a way to resolve the problem first. :)

Hi,

Got a letter from NTL a few days ago from the security team, claiming unauthorised access attempts have been tracked back to my account.

I run a Linux box at home, but AFAIK it's secured. Anyone else seen this? What precisely do they mean?

Rgds,
Dan

The way you have worded it, it sounds like someone has reported you for attempted unauthorised access to somewhere. :shrug:

The way you have worded it, it sounds like someone has reported you for attempted unauthorised access to somewhere. :shrug:That's what it sounds like to me - or, somebody has compromised the OP's setup, and used his connection to gain unauthorised access to somewhere. :(

it does sound like that yes - the letter talks about unauthorised access attempts to another computer. I did port scan my servers in london a few times, but that was about a year ago - I dont think even NTL are that slow, and if they ban my scanning of my own servers they can go jump!

Well we'll see if they call back tomorrow - somehow I doubt they shall! I'm moving out shortly anyway so will be closing my account, so no great loss there :)

Rgds,
Dan

Was it genuine, or was it one of those messages with a dodgy attachment?

err, it was a letter, not an email. So genuine yes.

I now know the cause however - as suspected my Linux box had been hacked - and someone has been port scanning from it for the last week or so... So mystery solved. Will see if they bother to return my message tomorrow ( I doubt it )

err, it was a letter, not an email. So genuine yes.

I now know the cause however - as suspected my Linux box had been hacked - and someone has been port scanning from it for the last week or so... So mystery solved. Will see if they bother to return my message tomorrow ( I doubt it )

Hacked?

How come, did you have a root kit, or poor security policies?

not root kitted - they came in through a vulnerability in some thirdparty software I was using. However i've closed that off now - they wont get in again!

NTL did call, rather surprisingly, my account is now cleared of any wrong doing :)

To be honest, im actually kinda impressed that they do police and chase up these things - Well done to them!

Rgds,
Dan

Indeed - I goes to show the doubters that ntl do respond to abuse reports.