What program/process corresponds to the "SERVERS[5344]" log? To protect portmap (and other daemon), I would make sure that your firewall blocks any unwanted traffc for services that you don't want available to the 'net. As extra protection - firewalls can become misconfigured; I found this out through experience ;) - set up Linux firewalling and then for "suspenders" configure your /etc/hosts.deny and /etc/hosts.allow files. Defense in layers can really help - or at least make you sleep a little better. Of course the best protection is to turn off and may be uninstall servers (services) that you won't be using. On Thursday 16 May 2002 06:05 am, John Summerfield wrote: > Is this being broken into? If so, what do I look for? > May 6 03:22:36 gateway SERVER[5344]: Dispatch_input: bad request line > 'BBàóÿ¿áóÿ¿âóÿ¿ãóÿ¿XXXXXXXXXXXXXXXXXX%.160u%300$n%.17u%301$nsecurity%302$n% > May 6 03:22:56 gateway portmap[5360]: connect from 202.105.49.12 to > getport(ypbind): request from unauthorized host > May 6 03:23:01 gateway portmap[5361]: connect from 202.105.49.12 to > getport(ypbind): request from unauthorized host > May 6 03:23:06 gateway portmap[5362]: connect from 202.105.49.12 to > getport(ypbind): request from unauthorized host > May 6 03:23:11 gateway portmap[5363]: connect from 202.105.49.12 to > getport(ypbind): request from unauthorized host _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-devel-list
