From owner-freebsd-security Tue Nov 9 3:26:35 1999 Delivered-To: freebsd-security@freebsd.org Received: from sanson.reyes.somos.net (freyes.static.inch.com [207.240.212.43]) by hub.freebsd.org (Postfix) with ESMTP id C776214DA1 for ; Tue, 9 Nov 1999 03:26:06 -0800 (PST) (envelope-from fran@reyes.somos.net) Received: from tomasa (tomasa.reyes.somos.net [10.0.0.11]) by sanson.reyes.somos.net (8.9.3/8.9.3) with SMTP id GAA79768 for ; Tue, 9 Nov 1999 06:24:21 -0500 (EST) (envelope-from fran@reyes.somos.net) Message-Id: <199911091124.GAA79768@sanson.reyes.somos.net> From: "Francisco Reyes" To: "freebsd-security@freebsd.org" Date: Tue, 09 Nov 1999 06:26:01 -0500 Reply-To: "Francisco Reyes" X-Mailer: PMMail 98 Professional (2.01.1600) For Windows 98 (4.10.1998) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: How to secure local nntp server? Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I recently switched from Dnews to Leafnode++ for my home nntp server (exactly 2 days ago). Today I got a note from someone telling me that my news server had been Hijacked. I inmediately did a "deny log any to any 119" and removed leafnode from inetd. Sure enough I saw in the logs minutes later a computer trying to connect to my news server. How can I secure my news server? I can't think of what rules to use with IPFW. Basically I want the server to be able to connect to external news servers, but only want my internal network to be able to read from it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message