Date: Tue, 15 Jun 1999 11:42:59 -0500 (EST) From: Matthew Joseff <mjoseff@retribution.net> To: David G Andersen <danderse@cs.utah.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: /var/log/messages Message-ID: <Pine.BSF.4.10.9906151138020.14540-100000@retribution.net> In-Reply-To: <199906151455.IAA19354@lal.cs.utah.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 15 Jun 1999, David G Andersen wrote: }Since nobody has pointed it out yet, just FYI, this is typically an }indication that you're being portscanned by the host 193.221.47.155. }You might also want to check for telnet connections, NOQUEUE messages from }sendmail, etc., to get a better idea of what they scanned. }Then, contact postmaster@molnycke.se about it (or, if that fails, they }list their domain contact as hostmaster@sgn.sca.se). Thanks, I've disabled telnet, rsh, and rlogin, and installed tcp_wrappers (via /usr/ports . . . ). No "NOQUEUE"s in /var/log/mailog . . . Thanks for the help. -- Matthew Joseff, Sr. Web Developer RCN Corp. 703-321-2410 www.rcn.com NASDAQ: RCNC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9906151138020.14540-100000>