[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Portsentry - Definitions

Subject: Re: [cobalt-users] Portsentry - Definitions
From: Rik Thomas <rikt@xxxxxxxxxxxx>
Date: Wed Mar 21 09:41:46 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Mon, 19 Mar 2001, Jay Jennings wrote:

> I get several emails a day showing Active System Attack Alerts and Security
> Violations.
>
> Other than the fact that someone's poking around and trying to get in, do
> those emails tell me other stuff I should care about? Do they give me hints
> of places I should be shoring up against attack?
>
> I've looked for details of what the messages mean, but haven't found the
> "Newbie Guide to AttackAlerts."
>
>  Jay

Well as mentioned before, those attack alerts are telling you that
they are in fact scanning you, but scanning for services that you
don't offer.  grep your logs and I am sure you will find the IP
somewhere of them trying your dns, httpd, etc.  The only thing that
this should do for you is to make you want to learn how to protect
your services that you are running and is available to the general
net.  We are feeling more and more everyday that Cobalt/Sun just isn't
fast enough for us and are looking to move away to a customer
RedHat/Plesk server solution.

-- 
Rik Thomas CTO rikt@xxxxxxxxxxxx
Delaware.Net, Inc. http://www.delaware.net
P:302.736.5515 F:302.736.5945 ICQ:879956
$20 Domains!!! http://register.delaware.net

References:
- [cobalt-users] Portsentry - Definitions
  - From: Jay Jennings

Prev by Date: [cobalt-users] Is there a FAQ for this list?
Next by Date: Re: [cobalt-users] Auto Setup Script Problems
Previous by thread: [cobalt-users] Portsentry - Definitions
Next by thread: Re: [cobalt-users] Portsentry - Definitions

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index