From owner-freebsd-security Tue Jun 15 6:25:57 1999 Delivered-To: freebsd-security@freebsd.org Received: from retribution.net (retribution.net [207.96.1.17]) by hub.freebsd.org (Postfix) with ESMTP id 2AA5015583 for ; Tue, 15 Jun 1999 06:25:54 -0700 (PDT) (envelope-from mjoseff@retribution.net) Received: from retribution.net (retribution.net [207.96.1.17]) by retribution.net (8.9.3/8.9.1) with ESMTP id JAA20224 for ; Tue, 15 Jun 1999 09:25:56 -0500 (EST) Date: Tue, 15 Jun 1999 09:25:56 -0500 (EST) From: Matthew Joseff To: freebsd-security@FreeBSD.ORG Subject: /var/log/messages Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Found this in my "messages" this morning: Jun 15 07:18:51 retribution rshd[19891]: connection from 193.221.47.155 on illegal port 1574 Jun 15 07:18:51 retribution rlogind[19890]: Connection from 193.221.47.155 on illegal port questions: 1) What can I do to avoid this? 2) Can any *real* damage be done from someone connecting like this? 3) What liabilities does this open the "offending" party's company to? -- Matthew Joseff, Sr. Web Developer RCN Corp. 703-321-2410 www.rcn.com NASDAQ: RCNC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message