[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] hosts.deny listing

Subject: Re: [cobalt-users] hosts.deny listing
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Fri Apr 13 06:43:11 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

From: "Wayne Sagar" <wsagar@xxxxxxxx>


> Question for those who have been monitoring their systems longer than I
> have.. is this a normal level of activity we're currently seeing or is
this
> growing very rapidly? It seems amazing that we can even keep a machine
> online with the current level....

Probably it has grown over the last few years, due to the growth of the
internet in general. This is just script kiddie behavior... kids who scan
ports 111 and 137-9 are looking for common vulnerabilities on unix and
windows systems (respectively). With a decent portscanner, its easy to scan
thousands of IP addresses in seconds to find vulnerable systems.

This is not something you should worry about. If you are concerned that your
hosts.deny file is too large, remove ports 111 and 137 from the portsentry
list. Your box doesn't run services on these ports anyway, and generally if
this is the only port the kiddies are hitting, they don't have the knowledge
to hack your box.

Kevin

Follow-Ups:
- Re: [cobalt-users] hosts.deny listing
  - From: Steve Buza

References:
- Re: [cobalt-users] hosts.deny listing
  - From: Wayne Sagar

Prev by Date: Re: [cobalt-users] mail problems
Next by Date: [cobalt-users] broken pipe -- send mail not working
Previous by thread: Re: [cobalt-users] hosts.deny listing
Next by thread: Re: [cobalt-users] hosts.deny listing

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index