Date: Thu, 8 Mar 2001 09:38:46 -0500 From: "Will Mitayai Keeso Rowe" <mit@mitayai.net> To: "Will Andrews" <will@physics.purdue.edu> Cc: <tjk@tksoft.com>, "Will Mitayai Keeso Rowe" <mitayai@dreaming.org>, <freebsd-security@FreeBSD.ORG> Subject: RE: strange messages Message-ID: <NEBBIEGPMLMKDBMMICFNOEJAELAA.mit@mitayai.net> In-Reply-To: <20010308094055.L45561@ohm.physics.purdue.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
if someone was trying to exploit your machine, wouldn't you want to know where they were doing it from, especially wrt inside or outside the network? :-----Original Message----- :From: Will Andrews [mailto:will@physics.purdue.edu] :Sent: March 8, 2001 09:41 AM :To: Will Mitayai Keeso Rowe :Cc: tjk@tksoft.com; Will Mitayai Keeso Rowe; will@physics.purdue.edu; :freebsd-security@FreeBSD.ORG :Subject: Re: strange messages : : :On Thu, Mar 08, 2001 at 09:33:30AM -0500, Will Mitayai Keeso Rowe wrote: :> Acording to CERT (the latest statd message seems to be :> http://www.kb.cert.org/vuls/id/34043) :> FreeBSD is not vulnerable to rpc.statd problems. :> :> But, i still have a question... how can i better log attempts to hack my :> machine's rpc.statd? It would be nice to have an IP of the :connecting box so :> i can see if they are doing it remotely or by an account on my machine. : :Tcpwrappers or ipfw? What good is this information? : :-- :wca : To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NEBBIEGPMLMKDBMMICFNOEJAELAA.mit>