From owner-freebsd-stable Wed Sep 20 19:39:56 2000 Delivered-To: freebsd-stable@freebsd.org Received: from 2711.dynacom.net (2711.dynacom.net [206.107.213.3]) by hub.freebsd.org (Postfix) with ESMTP id 2263137B422; Wed, 20 Sep 2000 19:39:54 -0700 (PDT) Received: from urx.com (dsl1-160.dynacom.net [206.159.132.160]) by 2711.dynacom.net (Build 101 8.9.3/NT-8.9.3) with ESMTP id TAA00582; Wed, 20 Sep 2000 19:39:53 -0700 Message-ID: <39C974F9.210D0F41@urx.com> Date: Wed, 20 Sep 2000 19:39:53 -0700 From: Kent Stewart Reply-To: kstewart@urx.com Organization: Dynacom X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kennaway Cc: Brandon Fosdick , stable@FreeBSD.ORG Subject: Re: Odd log entries...an attempted breakin? References: <39C8C50C.CA929D8C@glue.umd.edu> <20000920180446.B81946@freefall.freebsd.org> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > > On Wed, Sep 20, 2000 at 10:09:16AM -0400, Brandon Fosdick wrote: > > For the last week or so I've been seeing the following entries in > > /var/log/messages: > > > > Sep 17 01:17:11 nbf-27 rpc.statd: Invalid hostname to sm_mon: > > ^D÷ÿ¿^D÷ÿ¿^E÷ÿ¿^E÷ÿ¿^F÷ÿ¿^F÷ÿ¿^G÷ÿ¿^G÷ÿ¿%08x %08x %08x %08x %08x %08x > > %08x %08x > > Someone is trying to exploit a root hole in the Linux rpc.statd. > ou don't have anything to worry about running FreeBSD here :-) Is that what the Tribal Flood people are doing or is this something different? Kent > > However, firewalling is always a good idea. > > Kris > > -- > In God we Trust -- all others must submit an X.509 certificate. > -- Charles Forsythe > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message -- Kent Stewart Richland, WA mailto:kbstew99@hotmail.com http://kstewart.urx.com/kstewart/index.html FreeBSD News http://daily.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message