Odd access activity

[jamesm@jmcd.dyndns.org]

>
> It's probably one of those hacks looking for lazy admins who create
> accounts that have test / test or admin / admin as a username and pass
> combo
>
> The particular box in this case looks like it is either 0wn3d or a
honeypot or the user hasn't discovered IP tables yet...

Which box? The remote 'attacker'? If you mean the target machine, I do
not see how you came to those conclusions...

The target machine is not allowing the access. It is simply recording
the attempt.

no I mean the remote attacker if you scan the ports on it. it's got some
known... trojan ports open and it's also got vnc/netbios/windows etc and
other stuff as open...

I wasn't having a shot at you... :)