Date: Mon, 21 Aug 1995 15:17:15 -0500 From: Jon Loeliger <jdl@chrome.onramp.net> To: Ade Barkah <mbarkah@hemi.com> Cc: hackers@freebsd.org Subject: Re: rlogin on illegal port Message-ID: <199508212017.PAA03194@chrome.onramp.net> In-Reply-To: Your message of "Mon, 21 Aug 1995 13:57:58 MDT." <199508211957.NAA07189@hemi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Apparently, Ade Barkah scribbled: > Hello, > > One of our FreeBSD 2.0.5 machines showed the following within > the console messages: > > (date) (time) (hostname) rlogin [3643]: usage rlogind [-aln] > (date) (time) (hostname) rlogin [3643]: Connection from 128.x.x.x > on illegal port > > What exactly does it mean and do we need to be concerned about > this ? Seems like someone ran a probe on us or something. > > Thanks in advance, > > -Ade > ps. incidently, the machine which initiated the connection looks > like another FreeBSD machine. OK, I'll ponder this one with you as I got this message the other day in /var/log/messages: Aug 14 18:57:52 chrome named[65]: Lame delegation to 'hemi.com' from [128.x.x.x] (server for 'hemi.com'?) on query on name 'hemi.com' Notice that this involves hemi.com and I too have bleeped the from addr. I haven't got a clue in the world what this means. To be fair, I could easily have a *bad* DNS configuration here. I'm working on that. There were several such entries from different hosts. It was during a time period when a non-FreeBSD mailing list I'm on was experiencing some majorly flakey problems. I chalked it up to that. Could this also be due to the FreeBSD mail-list flake the other day? jdl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199508212017.PAA03194>