From owner-cvs-all Tue Jun 23 10:33:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA26848 for cvs-all-outgoing; Tue, 23 Jun 1998 10:33:29 -0700 (PDT) (envelope-from owner-cvs-all@FreeBSD.ORG) Received: from news1.gtn.com (news1.gtn.com [192.109.159.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA26832 for ; Tue, 23 Jun 1998 10:33:22 -0700 (PDT) (envelope-from andreas@klemm.gtn.com) Received: (from uucp@localhost) by news1.gtn.com (8.8.6/8.8.6) with UUCP id TAA27075; Tue, 23 Jun 1998 19:30:10 +0200 (MET DST) Received: (from andreas@localhost) by klemm.gtn.com (8.8.8/8.8.8) id TAA01897; Tue, 23 Jun 1998 19:24:50 +0200 (CEST) (envelope-from andreas) Message-ID: <19980623192450.A1458@klemm.gtn.com> Date: Tue, 23 Jun 1998 19:24:50 +0200 From: Andreas Klemm To: "Jordan K. Hubbard" Cc: committers@FreeBSD.ORG Subject: Re: Release schedule for 2.2.7 References: <1350.898593243.1@time.cdrom.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: <1350.898593243.1@time.cdrom.com>; from Jordan K. Hubbard on Tue, Jun 23, 1998 at 02:14:03AM -0700 X-Disclaimer: A free society is one where it is safe to be unpopular X-Operating-System: FreeBSD 3.0-CURRENT SMP Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk On Tue, Jun 23, 1998 at 02:14:03AM -0700, Jordan K. Hubbard wrote: > o Security folks > > Check your CERT advisories and whatnot against the state of -stable > today. Sometimes things are missed. daily security check script needs some additions... Login failures that are logged in /var/log/messages aren't reported. Last recently I noticed various login/crack attempts on a FreeBSD-STABLE machine in my company. Things we should report are: "refused connect from" by tcp_wrapper and "LOGIN FAILURES FROM" by login See here: Jun 22 05:17:43 titan telnetd[10520]: refused connect from 195.90.203.76 Jun 22 05:18:05 titan telnetd[10523]: refused connect from 195.90.203.76 Jun 22 05:20:22 titan telnetd[10951]: refused connect from 195.90.203.76 Jun 22 05:20:37 titan telnetd[10953]: refused connect from 195.90.203.76 Jun 22 05:21:04 titan telnetd[10955]: refused connect from 195.90.203.76 Jun 22 05:22:30 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG Jun 22 05:22:30 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG, andreas Jun 22 05:23:39 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG Jun 22 05:23:39 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG, root Jun 22 05:24:03 titan login: 1 LOGIN FAILURE FROM freefall.FreeBSD.ORG Jun 22 05:24:03 titan login: 1 LOGIN FAILURE FROM freefall.FreeBSD.ORG, ddd -- Andreas Klemm http://www.FreeBSD.ORG/~andreas What gives you 90% more speed, for example, in kernel compilation ? http://www.FreeBSD.ORG/~fsmp/SMP/akgraph-a/graph1.html "NT = Not Today" (Maggie Biggs) ``powered by FreeBSD SMP'' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message