Date: Mon, 30 Jul 2001 11:34:32 -0700 (PDT) From: Hans Zaunere <zaunere@yahoo.com> To: Yonatan Bokovza <Yonatan@xpert.com>, questions@freebsd.org Subject: RE: Spoof attack? Message-ID: <20010730183432.98150.qmail@web12801.mail.yahoo.com> In-Reply-To: <EB513E68D3F5D41191CA00025558810150D594@mailserv.xpert.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, that sounds reasonable. However, sendmail is not running. Its a very stripped down system, with nothing running except ssh. The only thing I could think of is my periodic security mailings from cron, which I get in my root box. However, if I dont have sendmail running, how am I getting these? Also, can these be sent somewhere else (externally), even without me running sendmail? Thank you, Hans zaunere@yahoo.com --- Yonatan Bokovza <Yonatan@xpert.com> wrote: > Hi, > > > I have tcp and udp log_in_vain options enabled in > my > > kernel. I have noticed a couple odd connection > > attempts: > > > > Connection attempt to UDP 127.0.0.1:512 from > > 127.0.0.1:1131 > > sendmail tries to access a local service called > "comsat", > on port 512/udp. > A workaround is to comment this line in > /etc/services: > biff 512/udp comsat > There is probably something you can configure in > sendmail to fix this. > Kudos for your paranoia. Keep that up. > > Best Regards, > > Yonatan Bokovza > IT Security Consultant > Xpert Systems > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of > the message __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010730183432.98150.qmail>