|
Darksat
|
 |
« on: November 16, 2007, 06:22:13 pm » |
|
I think it was a probe.
As far as I can see they managed to punch a hole in the hamiltonjones system and were/are connecting that to the second server which lies at the other side of the chinese firewall.
Eg Superoureland.org is hosted from a server in a chinese city of Taiyuan near Beijing and hamiltonjones is located in the US.
Thats your tunnel out right there, im guessing once they got out they stated looking for another system to run a connection through in case the first one got discovered, which is why they were looking for open SSH connections, the get google request was simply them seing if they could establish another connection through your machine.
Remember, they cant run port scans from inside the firewall so they will have to use the first tunnel to establish secondary connections.
|
|
|
|
« Last Edit: November 16, 2007, 06:25:29 pm by Darksat »
|
Report Spam
Logged
|
|
|
|
|
|
|
