Looking through the firewall logs on my backup machine, I discover that someone from a computer in the State administration of Utah (18.104.22.168) has been trying to break in here. That makes a change from the usual Bulgarians and untraceable Far Eastern suspects. But what was really unusual were the logons they tried: after the usual “test, guest, admin” and user came the following sequence: “umbro nike canon brother”
Canon and Brother I can sort of understand: they are printers, which have a natural connection to a computer. But Nike? Do people log their shoes in? And I don’t even know what Umbro makes. Can any smarter readers help?
Update: I complained to the tech contact at the State of Utah and got a reply back within two hours: Yes it looks as though this host is contaminated.. Behind our backs andon the week end this host was taken over by an outside host…We will lock it out of the net and clean it before we let it back so it should not be doing any more harm… So, sometimes, things work as they should.