Date: Fri, 20 Apr 2001 17:30:50 -0400 From: "Michael Scheidell" <scheidell@fdma.com> To: <freebsd-security@freebsd.org> Subject: Re: rpc.statd attack Message-ID: <004e01c0c9e1$2cb1d390$0503a8c0@fdma.com> References: <Pine.GSO.4.21.0104202315040.27489-100000@helios>
next in thread | previous in thread | raw e-mail | index | archive | help
"Pär Thoren" <t98pth@student.bth.se> wrote in message news:Pine.GSO.4.21.0104202315040.27489-100000@helios... > > Ok when I get portscanned...but these guys tries to exploit my ass. set up ipfw for next round. I suspect that there is a 'probe' for port 111, every day this happens 3 or 4 times a day on every system I monitor. If you want to log them, and automatically have them reported, see www.mynetwatchman.com there is a perl agent available that will autoupload deny's from ipfw logs (cisco logs, sonicwall logs, and bonus: versio.bind queries are logges at pudp port 53 attacks for you as well) The freebsd files are not in a ports package (yet) but if somone wants to do it, I have the perl scripts and rc.d/sh startup file available. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004e01c0c9e1$2cb1d390$0503a8c0>