[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] IPs related to hackers

Subject: Re: [cobalt-users] IPs related to hackers
From: "fastmedia" <inc@xxxxxxxxxxxxx>
Date: Sat Feb 10 17:38:08 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> > PortSentry adds IPs to the /etc/hosts.deny file so if I'm a bit late
> > watching the logcheck messages, the IPs are already blocked. PortSentry
> > doesn't add IPs that are being used to run FTP anonymous login scripts
or
> > IPs that are being used to attempt logins using the admin ID so I drop
> > those in by hand.

this "hosts.deny" file doesn't seem to block nameserver or ftp requests.
my server was recently compromised via proftpd by the looks of it.

i think ipchains is the better blocking option, i'm presently studying
up on this.





--
chris paul
fastmedia.net

Follow-Ups:
- Re: [cobalt-users] IPs related to hackers
  - From: Diana Brake
- Re: [cobalt-users] IPs related to hackers
  - From: Mike Vanecek

References:
- Re: [cobalt-users] IPs related to hackers
  - From: Colin J. Raven

Prev by Date: Re: [cobalt-users] OS Restore Hangs at Loading Kernel
Next by Date: Re: [cobalt-users] payment method
Previous by thread: Re: [cobalt-users] IPs related to hackers
Next by thread: Re: [cobalt-users] IPs related to hackers

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index