Date: Tue, 23 Jun 1998 19:24:50 +0200 From: Andreas Klemm <andreas@klemm.gtn.com> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: committers@FreeBSD.ORG Subject: Re: Release schedule for 2.2.7 Message-ID: <19980623192450.A1458@klemm.gtn.com> In-Reply-To: <1350.898593243.1@time.cdrom.com>; from Jordan K. Hubbard on Tue, Jun 23, 1998 at 02:14:03AM -0700 References: <1350.898593243.1@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 23, 1998 at 02:14:03AM -0700, Jordan K. Hubbard wrote: > o Security folks > > Check your CERT advisories and whatnot against the state of -stable > today. Sometimes things are missed. daily security check script needs some additions... Login failures that are logged in /var/log/messages aren't reported. Last recently I noticed various login/crack attempts on a FreeBSD-STABLE machine in my company. Things we should report are: "refused connect from" by tcp_wrapper and "LOGIN FAILURES FROM" by login See here: Jun 22 05:17:43 titan telnetd[10520]: refused connect from 195.90.203.76 Jun 22 05:18:05 titan telnetd[10523]: refused connect from 195.90.203.76 Jun 22 05:20:22 titan telnetd[10951]: refused connect from 195.90.203.76 Jun 22 05:20:37 titan telnetd[10953]: refused connect from 195.90.203.76 Jun 22 05:21:04 titan telnetd[10955]: refused connect from 195.90.203.76 Jun 22 05:22:30 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG Jun 22 05:22:30 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG, andreas Jun 22 05:23:39 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG Jun 22 05:23:39 titan login: 2 LOGIN FAILURES FROM freefall.FreeBSD.ORG, root Jun 22 05:24:03 titan login: 1 LOGIN FAILURE FROM freefall.FreeBSD.ORG Jun 22 05:24:03 titan login: 1 LOGIN FAILURE FROM freefall.FreeBSD.ORG, ddd -- Andreas Klemm http://www.FreeBSD.ORG/~andreas What gives you 90% more speed, for example, in kernel compilation ? http://www.FreeBSD.ORG/~fsmp/SMP/akgraph-a/graph1.html "NT = Not Today" (Maggie Biggs) ``powered by FreeBSD SMP'' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980623192450.A1458>