Date: Fri, 9 Feb 2001 09:07:02 +0100 (CET) From: Dan Larsson <dl@tyfon.net> To: <freebsd-security@freebsd.org> Subject: Lots of attempts to connect to sunrpc port Message-ID: <Pine.BSF.4.32.0102090853410.58451-100000@hq1.tyfon.net>
next in thread | raw e-mail | index | archive | help
I assume that there was/is a bug in the sunrpc daemon. Exploting that bug might render access to the computer in some way. Fortunately there's nothing listening on that port on the attacked computer. Is this something to take seriously or am I looking at the effects of script kiddies? Log snippet: Deny TCP 211.184.221.34:1870 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 211.184.221.34:1870 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 200.47.77.226:1855 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 211.216.53.156:4629 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 64.94.79.200:2912 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 64.94.79.200:2912 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 211.174.58.101:111 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 217.13.4.50:1774 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 64.56.207.76:1137 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 212.184.103.11:4622 xxx.xxx.xxx.xxx:111 in via fxp0 Deny TCP 211.219.84.99:2779 xxx.xxx.xxx.xxx:111 in via fxp0 Regards +------ Dan Larsson | Tel: +46 8 550 120 21 Tyfon Svenska AB | Fax: +46 8 550 120 02 GPG and PGP keys | finger dl@hq1.tyfon.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.32.0102090853410.58451-100000>