> What program/process corresponds to the "SERVERS[5344]" log? That I don't know. This is not my system; I was called in after the event (well after) to discover and repair. Securing the system will likely be done with another system between this and the world, and the additional system will probably be running Engarde Linux. > > To protect portmap (and other daemon), I would make sure that your firewall > blocks any unwanted traffc for services that you don't want available to the > 'net. > As extra protection - firewalls can become misconfigured; I found this out > through experience ;) - set up Linux firewalling and then for "suspenders" > > configure your /etc/hosts.deny and /etc/hosts.allow files. Defense in layers > can really help - or at least make you sleep a little better. > > Of course the best protection is to turn off and may be uninstall servers > (services) that you won't be using. > > On Thursday 16 May 2002 06:05 am, John Summerfield wrote: > > Is this being broken into? If so, what do I look for? > > May 6 03:22:36 gateway SERVER[5344]: Dispatch_input: bad request line > > 'BBàóÿ¿áóÿ¿âóÿ¿ãóÿ¿XXXXXXXXXXXXXXXXXX%.160u%300$n%.17u%301$nsecurity%302$n% > > May 6 03:22:56 gateway portmap[5360]: connect from 202.105.49.12 to > > getport(ypbind): request from unauthorized host > > May 6 03:23:01 gateway portmap[5361]: connect from 202.105.49.12 to > > getport(ypbind): request from unauthorized host > > May 6 03:23:06 gateway portmap[5362]: connect from 202.105.49.12 to > > getport(ypbind): request from unauthorized host > > May 6 03:23:11 gateway portmap[5363]: connect from 202.105.49.12 to > > getport(ypbind): request from unauthorized host > > > > _______________________________________________ > Redhat-devel-list mailing list > Redhat-devel-list@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-devel-list > -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition. ============================== If you don't like being told you're wrong, be right! _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-devel-list
