Date: Sun, 2 Jun 2002 14:17:40 -0700 From: "Drew Tomlinson" <drew@mykitchentable.net> To: <cjclark@alum.mit.edu>, "Hajimu UMEMOTO" <ume@mahoroba.org> Cc: <security@FreeBSD.ORG> Subject: Re: Security Messages re: hosts.allow? Message-ID: <000e01c20a7a$edf501a0$1b01a8c0@TAGALONG> References: <007e01c20a47$7fabb370$1b01a8c0@TAGALONG> <20020602113409.F20911@blossom.cjclark.org> <ygelm9xikg6.wl@piano.mahoroba.org> <20020602121922.H20911@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Crist J. Clark" <crist.clark@attbi.com> To: "Hajimu UMEMOTO" <ume@mahoroba.org> Cc: "Drew Tomlinson" <drew@mykitchentable.net>; <security@FreeBSD.ORG> Sent: Sunday, June 02, 2002 12:19 PM Subject: Re: Security Messages re: hosts.allow? > On Mon, Jun 03, 2002 at 03:50:33AM +0900, Hajimu UMEMOTO wrote: > > Hi, > > > > >>>>> On Sun, 2 Jun 2002 11:34:09 -0700 > > >>>>> "Crist J. Clark" <crist.clark@attbi.com> said: > > > > crist.clark> server1.camelweb.com.tw. 23h59m43s IN CNAME dns.camelweb.com.tw. > > crist.clark> server1.camelweb.com.tw. 23h59m43s IN A 210.59.224.44 > > crist.clark> dns.camelweb.com.tw. 22h47m42s IN A 210.59.224.42 > > > > crist.clark> 42.224.59.210.in-addr.arpa. 9h1m47s IN PTR server1.camelweb.com.tw. > > > > crist.clark> But from the looks of it, these DNS entries themselves do not look > > crist.clark> malicious. > > > > No, CNAME RR cannot co-exist with A RR. > > I didn't say it wasn't broken DNS. I was saying that it does not look > like someone is trying to pretend they are someone they are not (which > is the reason tcpwrapper produces that kind of warning). Thanks for your replies. So the bottom line is that someone from this domain attempted to establish a ssh session with my server? This is just a little home server for my amusement and no one other than myself should access it. I guess it might be time to learn about "keys" and restrict access to only myself. Any reading suggestions for an absolute beginner? Thanks again, Drew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000e01c20a7a$edf501a0$1b01a8c0>