[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] RaQ4 - Help with Portsentry on Cobalt RaQ4r

Subject: Re: [cobalt-users] RaQ4 - Help with Portsentry on Cobalt RaQ4r
From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
Date: Tue Feb 20 05:49:13 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> I'm having some problems setting up Logcheck and Portsentry on my Cobalt
> RaQ4r.  The following log is emailed to me:
<snip>
> ...and so on, every 5 minutes, througout the day.

Tony this is someone actively trying to get in to your server through
port69... unless this is one of YOUR IP addies.
Is it always the same IP addy?

PortSentry is doing what it is supposed to - it's monitoring your ports for
scanners and attempts to get in; and then tossing the IP address of those
people into the hosts.deny file.  (So the next time they try scanning, you
are more or less 'invisible' to them.)

Be patient. You'll get used to the logs soon enough - but even after weeks
of having them your paranoia won't lessen any, trust me.  :)

CarrieB

Follow-Ups:
- [cobalt-users] ownership problems
  - From: Weihan Leow

References:
- [cobalt-users] RaQ4 - Help with Portsentry on Cobalt RaQ4r
  - From: tony simpson

Prev by Date: Re: [cobalt-users] Uninstalling PHP4 + MySQL
Next by Date: Re: [cobalt-users] Books about Cobalt servers?
Previous by thread: [cobalt-users] RaQ4 - Help with Portsentry on Cobalt RaQ4r
Next by thread: [cobalt-users] ownership problems

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index