Date: Tue, 13 Oct 1998 15:06:53 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Brett Glass <brett@lariat.org>, Darren Reed <avalon@coombs.anu.edu.au>, grimace@ns.nternet.net (grimace) Cc: security@FreeBSD.ORG Subject: Re: Spoofed connections on port 13223?? Message-ID: <3.0.3.32.19981013150653.01019394@207.227.119.2> In-Reply-To: <4.1.19981013100624.041b8760@mail.lariat.org> References: <199810131024.DAA04862@hub.freebsd.org> <Pine.BSF.3.96.981013004343.26044A-100000@ns.nternet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:06 AM 10/13/98 -0600, Brett Glass wrote to Darren Reed: >CERT? Don't bother. They'll respond several months after it's too late >and say, "Oh, dear." > >--Brett > > >At 08:23 PM 10/13/98 +1000, Darren Reed wrote: > >>People, I can understand wanting to bring it to an informal forum, but >>if you seriously think you are under attack then you should contact the >>relevant CERT and talk with them about it. It may be that what you're >>seeing is part of a "bigger picture" that you can't see. >> >>Darren While it may be true that they will take a while to get back to you, at least it will add to their infomation and may help others when summaries are issued. If you read what they have on: http://www.cert.org/tech_tips/incident_reporting.html ---- A.You may receive technical assistance. A primary part of our mission is to provide a reliable, trusted, 24-hour, single point of contact for security emergencies involving the Internet. We facilitate communication among experts working to solve security problems and serve as a central point for identifying and correcting vulnerabilities in computer systems. When you report an incident to us, we can provide pointers to technical documents, offer suggestions on recovering the security of your systems, and share information about recent intruder activity. In our role as a coordination center, we may have access to information that is not yet widely available to assist in responding to your incident. Unfortunately, our limited resources and the increasing number of incidents reported to us may prevent us from responding to each report individually. We must prioritize our responses to have the greatest impact on the Internet community. ---- Rather explicit, but then *they* are not responsible for the security of *your* system. I need to file a report for a recent probe, especially since there has been no response and it produced an unusal error in my SMTP daemon (custom). The activity stopped before the message was sent, but an explanation is in order. I for one don't expect any help, but whatever they did wasn't even close to compromizing the daemon. And the form: ftp://ftp.cert.org/pub/incident_reporting_form Time to file one. Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19981013150653.01019394>