From owner-freebsd-security Mon Jul 1 4:28:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 93C5E37B400 for ; Mon, 1 Jul 2002 04:28:47 -0700 (PDT) Received: from public.uni-hamburg.de (public.uni-hamburg.de [134.100.32.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id B1A9043E1A for ; Mon, 1 Jul 2002 04:28:46 -0700 (PDT) (envelope-from sa9k063@public.uni-hamburg.de) Received: (from sa9k063@localhost) by public.uni-hamburg.de (8.11.0/8.11.0) id g61BSje18914 for freebsd-security@freebsd.org; Mon, 1 Jul 2002 13:28:45 +0200 Date: Mon, 1 Jul 2002 13:28:45 +0200 From: Tilo Kremer To: freebsd-security@freebsd.org Subject: other DoSes Message-ID: <20020701132845.A88200@public.uni-hamburg.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hi, apart from the apache worm, on friday i saw some other weird thing sgoing on on my freebsd machines: my dns was flooding my mx. resolver:53 -> mx:1032 contents of my sshd_config were changed (ChallengeResponse, PAMAuthenticationViaKbdInt) this looks like having been attacked on all fronts at the same time. i am ready to send logs upn request. grtx, t To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message