24-Sep-2005

No problems - of course
Started Monitor /record on Diana. then did the AXIS test again. and of course, there wasn't a problem today...And that where some processes that are normally stopped, were still running.
During the test, a lot of processes were swapped out - obviously - but the tests ran to their end....

Seems some-one tyried again to break in on the FTP site:

%%%%%%%%%%% OPCOM 24-SEP-2005 08:16:12.84 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: 80.174.62.37
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.050924095014p]

%%%%%%%%%%% OPCOM 24-SEP-2005 08:16:28.49 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: 80.174.62.37
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.050924095030p]

and in FTP log shows attempts to get into a WINNT domain.
I've seen this address before, this is a person the seems quite stubborn - and appearently, he (or she, but most hackers seem to be male, so "he" is probably right) just a script kiddy.
The address cannot be traced by DIG but since it seems a calss-A address, 82.0.0.0 has been checked and found to be named at:

;; AUTHORITY SECTION:
0.0.80.in-addr.arpa. 9029 IN SOA dns1.ntli.net. hostmaster.ntli.net. 2005091900 10800 3600 604800 86400:

Had contacted them before, will do again.
System disk backup
Took the opportunity to make a backup of the system disk - on the new 9Gb disk, same size (and type) as current in Diana (first full and complete one in a year), watching television in parallel. Rebooted afterwards - and Io to reagin the cluster IP address on Diana.