［イスラエルについての調査］

●４月２９日　イスラエルから、ハッカー観察日記を見ているかを調査

　３人が見たようだが、２人は日本語が読めずにあきらめたと思われます。
　しかし、学生はＬａｎｄＡｔｔａｃｋの件をすべて読んでいったみたいです。

pop03-23.isracom.net.il - - [02/Feb/1998:04:21:45 +0900] "GET /~joe/hack/hack.htm HTTP/1.0" 200 8110
ilwww.ac.il - - [07/Feb/1998:21:17:49 +0900] "GET /~joe/hack/hack.htm HTTP/1.0" 200 7877
ilwww.ac.il - - [07/Feb/1998:21:20:23 +0900] "GET /~joe/hack/passwd.txt HTTP/1.0" 200 74
ilwww.ac.il - - [07/Feb/1998:21:21:43 +0900] "GET /~joe/hack/du.txt HTTP/1.0" 200 2958
ilwww.ac.il - - [07/Feb/1998:21:25:01 +0900] "GET /~joe/hack/hack2.htm HTTP/1.0" 200 7077
ilwww.ac.il - - [07/Feb/1998:21:27:05 +0900] "GET /~joe/hack/mailcert.txt HTTP/1.0" 200 12337
ilwww.ac.il - - [07/Feb/1998:21:36:39 +0900] "GET /~joe/hack/repoipa.txt HTTP/1.0" 200 2515
ilwww.ac.il - - [07/Feb/1998:21:38:27 +0900] "GET /~joe/hack/repocert.txt HTTP/1.0" 200 3000
dual.isracom.net.il - - [10/Feb/1998:09:48:00 +0900] "GET /~joe/hack/hack.htm HTTP/1.0" 200 7877


●４月２９日　イスラエルから、過去のアクセス記録を調査

Nov 17 06:47:19 srv01 in.telnetd[8599]: warning: host name/address mismatch: 192.114.11.132 != pop03-2p12.trendline.co.il
Nov 18 04:07:12 srv01 in.telnetd[1462]: warning: host name/address mismatch: 192.114.11.136 != pop03-2p16.trendline.co.il
Nov 19 03:43:56 srv01 in.telnetd[10087]: warning: host name/address mismatch: 192.114.11.130 != pop03-2p10.trendline.co.il
Nov 19 03:50:04 srv01 in.telnetd[10158]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:23 srv01 netstat[10236]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:23 srv01 in.telnetd[10238]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:25 srv01 ps[10235]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:29 srv01 in.pop2d[10243]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:29 srv01 in.pop3d[10242]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:30 srv01 wu.ftpd[10240]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:30 srv01 in.fingerd[10241]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:30 srv01 in.nntpd[10244]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:30 srv01 nntpd[10244]: pop03-2p18.trendline.co.il connect 
Nov 19 03:52:30 srv01 nntpd[10244]: pop03-2p18.trendline.co.il refused connection
Nov 19 03:52:52 srv01 in.rlogind[10249]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 03:52:53 srv01 in.rshd[10250]: warning: host name/address mismatch: 192.114.11.138 != pop03-2p18.trendline.co.il
Nov 19 22:14:55 srv01 in.telnetd[14913]: connect from ring@dialup1-061.pop001.israsrv.net.il
Nov 20 04:28:52 srv01 in.telnetd[16198]: warning: host name/address mismatch: 192.114.11.141 != pop03-2p21.trendline.co.il
Nov 20 05:33:05 srv01 in.telnetd[16605]: warning: host name/address mismatch: 192.114.11.141 != pop03-2p21.trendline.co.il
Nov 21 03:19:58 srv01 in.telnetd[23844]: connect from batman@pop03-1p11.trendline.co.il
Nov 21 06:56:24 srv01 in.telnetd[26125]: connect from pop03-1p11.trendline.co.il
Nov 21 18:18:41 srv01 named[65]: Lame server on '114.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=129.142.6.64,NS=193.0.0.193) 
Nov 21 18:18:42 srv01 named[65]: Lame server on '114.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=129.142.6.64,NS=193.0.0.193) 
Nov 22 02:26:16 srv01 wu.ftpd[31591]: connect from batman@pop03-1p16.trendline.co.il
Nov 22 02:26:54 srv01 in.telnetd[31596]: connect from batman@pop03-1p16.trendline.co.il
Nov 22 02:37:45 srv01 in.telnetd[31641]: connect from batman@dialup1-070.pop001.israsrv.net.il
Nov 22 08:50:56 srv01 named[65]: Lame server on '114.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Nov 22 08:50:57 srv01 named[65]: Lame server on '114.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=129.142.6.64,NS=193.0.0.193) 
Nov 22 20:02:37 srv01 in.telnetd[4989]: warning: host name/address mismatch: 192.114.11.128 != pop03-2p8.trendline.co.il
Nov 22 20:19:27 srv01 in.telnetd[5175]: warning: host name/address mismatch: 192.114.11.122 != pop03-2p2.trendline.co.il
Nov 23 07:27:58 srv01 in.telnetd[2995]: connect from batman@pop03-1p11.trendline.co.il
Nov 26 06:00:51 srv01 in.telnetd[28290]: warning: host name/address mismatch: 192.114.11.136 != pop03-2p16.trendline.co.il
Nov 27 05:39:20 srv01 in.telnetd[2516]: warning: host name/address mismatch: 192.114.11.135 != pop03-2p15.trendline.co.il
Nov 28 18:07:11 srv01 in.telnetd[12053]: warning: host name/address mismatch: 192.114.11.139 != pop03-2p19.trendline.co.il
Nov 28 20:15:58 srv01 in.telnetd[12613]: connect from yoshi@dialup1-007.pop001.israsrv.net.il
Nov 29 17:43:07 srv01 in.telnetd[2525]: connect from batman@dialup1-099.pop001.israsrv.net.il
Nov 29 23:14:01 srv01 in.telnetd[11452]: connect from root@gezer56.gezernet.co.il
Nov 30 07:46:26 srv01 in.telnetd[847]: connect from batman@ts048p14.pop3b.netvision.net.il
Nov 30 07:46:45 srv01 login: 2 LOGIN FAILURES FROM ts048p14.pop3b.netvision.net.il, am,^H
Dec  1 06:56:19 srv01 in.telnetd[4485]: connect from batman@dialup1-104.pop001.israsrv.net.il
Dec  1 06:56:46 srv01 login: 2 LOGIN FAILURES FROM dialup1-104.pop001.israsrv.net.il, amuishit
Dec  2 07:26:31 srv01 in.telnetd[232]: connect from batman@ts056p16.pop3b.netvision.net.il
Dec  2 07:47:46 srv01 in.telnetd[347]: connect from batman@dialup1-087.pop001.israsrv.net.il
Dec  3 05:46:49 srv01 in.telnetd[7248]: connect from batman@dialup1-025.pop001.israsrv.net.il
Dec  5 06:44:43 srv01 in.telnetd[5260]: connect from batman@dialup1-069.pop001.israsrv.net.il
Dec  5 22:37:42 srv01 netstat[10437]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:42 srv01 in.pop3d[10445]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:42 srv01 in.fingerd[10438]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:42 srv01 in.pop2d[10446]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:42 srv01 in.nntpd[10447]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:42 srv01 in.rshd[10450]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:43 srv01 nntpd[10447]: server.ben-gurion.hasharon.k12.il connect 
Dec  5 22:37:43 srv01 nntpd[10447]: server.ben-gurion.hasharon.k12.il refused connection
Dec  5 22:37:44 srv01 ps[10434]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:44 srv01 in.rlogind[10448]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:47 srv01 in.telnetd[10439]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 22:37:47 srv01 wu.ftpd[10440]: connect from root@server.ben-gurion.hasharon.k12.il
Dec  5 23:06:07 srv01 named[65]: Lame server on 'macam98.ac.il' (in 'macam98.AC.IL'?): [192.114.206.3].53 'aleph.mofet.macam98.ac.il': learnt (A=192.36.125.2,NS=192.36.125.2) 
Dec  7 02:56:41 srv01 in.telnetd[18759]: warning: host name/address mismatch: 192.114.11.131 != pop03-2p11.trendline.co.il
Dec  7 02:57:50 srv01 in.telnetd[18766]: warning: host name/address mismatch: 192.114.11.131 != pop03-2p11.trendline.co.il
Dec  7 03:15:21 srv01 in.telnetd[18904]: warning: host name/address mismatch: 192.114.11.131 != pop03-2p11.trendline.co.il
Dec  8 05:51:48 srv01 in.telnetd[8125]: connect from batman@pop03-2p22.trendline.co.il
Dec  8 06:11:40 srv01 in.telnetd[8219]: connect from batman@pop03-2p22.trendline.co.il
Dec  8 07:01:54 srv01 in.telnetd[8386]: connect from batman@pop03-2p20.trendline.co.il
Dec  8 07:02:06 srv01 login: 2 LOGIN FAILURES FROM pop03-2p20.trendline.co.il, amishito
Dec  9 04:25:10 srv01 in.telnetd[2334]: connect from batman@pop03-2p21.trendline.co.il
Dec 10 05:47:40 srv01 in.telnetd[8740]: connect from pop03-2p4.trendline.co.il
Dec 11 08:13:08 srv01 in.telnetd[5850]: connect from pop03-2p17.trendline.co.il
Dec 12 08:41:33 srv01 in.telnetd[648]: connect from batman@pop03-2p23.trendline.co.il
Dec 12 22:02:49 srv01 in.telnetd[1565]: connect from pop03-2p12.trendline.co.il
Dec 14 02:58:38 srv01 in.telnetd[1872]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 03:52:55 srv01 in.telnetd[288]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 03:53:25 srv01 login: 2 LOGIN FAILURES FROM pop03-2p4.trendline.co.il, amishtio
Dec 14 04:13:54 srv01 in.telnetd[122]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 05:06:43 srv01 in.telnetd[545]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 05:09:12 srv01 wu.ftpd[575]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 05:10:01 srv01 wu.ftpd[587]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 05:10:26 srv01 in.telnetd[593]: connect from batman@pop03-2p4.trendline.co.il
Dec 14 05:22:30 srv01 wu.ftpd[673]: connect from batman@pop03-2p4.trendline.co.il

Jan  9 07:46:49 srv01 wu.ftpd[2497]: connect from dialup10-234.pop001.israsrv.net.il
Feb 20 23:34:46 srv01 wu.ftpd[32302]: connect from xyplex14.mofet.macam98.ac.il
Mar  6 02:18:13 srv01 named[87]: Lame server on '121.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=132.66.32.10,NS=132.66.32.10) 
Mar  6 02:18:13 srv01 named[87]: Lame server on '121.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=132.66.32.10,NS=132.66.32.10) 
Mar 14 07:51:29 srv01 wu.ftpd[19748]: connect from dialup1-117.pop002.israsrv.net.il

Mar 22 21:22:35 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 21:22:36 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 21:43:15 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 21:43:16 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 21:53:16 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 21:53:17 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 22:07:30 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 22:07:30 srv01 named[87]: Lame server on '56.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=192.36.125.2,NS=193.0.0.193) 
Mar 22 23:44:42 srv01 in.pop3d[244]: connect from root@d180.pop135-2.israsrv.net.il
Mar 24 16:19:51 srv01 named[87]: Lame server on '0.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.8].53 'dns.inter.net.il': learnt (A=129.142.6.64,NS=193.0.0.193) 
Mar 24 16:19:52 srv01 named[87]: Lame server on '0.85.114.192.in-addr.arpa' (in '85.114.192.in-addr.arpa'?): [205.164.141.9].53 'dns2.inter.net.il': learnt (A=129.142.6.64,NS=193.0.0.193)