[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Hacking attempts on certain port what is thisused for?
- Subject: Re: [cobalt-users] Hacking attempts on certain port what is thisused for?
- From: "Gerald Waugh" <gerald@xxxxxxxxx>
- Date: Thu Feb 22 21:47:10 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
"Carrie Bartkowiak" <ravencarrie@xxxxxxxx> wrote
> > Host.deny does not get cleared out on re-boot.
> > Gerald
>
> Gerald are you positive?
> Zeffie was helping me out with something one day and I saw the access in my
> logs. Not realizing it was him, I dropped him into hosts.deny as quick as I
> could. (Then later I was smacking myself when I found out it was him, *L*).
> He had to access with a different IP to get in.
> But once I rebooted, he could get back in no problem - his IP had been taken
> out of hosts.deny.
>
> *confoozled*
> CarrieB
My immediate experience was with the RaQ2, I have never rebooted the RaQ4's.
I made an error editing (manually adding an IP) to /etc/hosts.deny.
(--- It was that pride.harvard.edu who was attempting the FTP exploit --)
The error caused the server to reject everything (any IP - including mine) Only
http worked.
I rebooted several times.
I had to remove the drive from the RaQ and install it on my on my desktop Linux
system.
Edit /etc/hosts.deny (removing my error).
Reinstall the drive in the RaQ.
And finally all was in order.
In this case I may have preferred that the entries would go-away on re-boot.
Gerald