Mr. Philippe Daoust,

	A computer from a network block registered with 
your name recently successfully compromised one of our
own computers.  207.35.251.172 gained unauthorized root
access to our system on Sept. 16th at approximately 7:55 PM.
The attacker created a root account which he later connected
to via telnet.  The following 2 captured packets offer proof
but we'd be glad to let you see the entire session, if more
is needed.

09/16-19:56:01.491606 207.35.251.172:2243 -> 192.168.1.102:21
TCP TTL:48 TOS:0x0 ID:16787 IpLen:20 DgmLen:56 DF
***AP*** Seq: 0xCF78AEB1  Ack: 0xEBCE0EB9  Win: 0x7C70  TcpLen: 32
TCP Options (3) => NOP NOP TS: 237392604 29673829 
69 64 3B 0A                                      id;.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

09/16-19:56:01.742466 192.168.1.102:21 -> 207.35.251.172:2243
TCP TTL:64 TOS:0x10 ID:1730 IpLen:20 DgmLen:91 DF
***AP*** Seq: 0xEBCE0EB9  Ack: 0xCF78AEB5  Win: 0x7D78  TcpLen: 32
TCP Options (3) => NOP NOP TS: 29674034 237392604 
75 69 64 3D 30 28 72 6F 6F 74 29 20 67 69 64 3D  uid=0(root) gid=
30 28 72 6F 6F 74 29 20 67 72 6F 75 70 73 3D 35  0(root) groups=5
30 28 66 74 70 29 0A                             0(ftp).

Just lettin' you know that you may want to check that particular system out.

Ian Stefanison