[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] hacker doing stuff

Subject: [cobalt-users] hacker doing stuff
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Thu May 24 00:07:00 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

This guy hit three of my servers with mixed results.
Question 1: "why the warning: /etc/hosts.allow, line 6" and
"warning: /etc/hosts.deny, line 6,9"?
These files do NOT have the domain listed at lines 6 or 9.
In fact the domain is now listed at lines 230+ in
hosts.deny.
Question 2: Why did proftpd on fsn3 (RaQ4) allow a
connection? And what could he do if he did connect?

May 24 06:07:21 fsn0 in.proftpd[880]: warning:
/etc/hosts.allow, line 6: can't verify hostname:
gethostbyname(na-10-135.na.avantel.net.mx) failed
May 24 06:07:21 fsn0 in.proftpd[880]: refused connect from
148.245.10.135

May 24 06:07:22 fsn1 in.proftpd[5165]: warning:
/etc/hosts.deny, line 9: can't verify hostname:
gethostbyname(na-10-135.na.avantel.net.mx) failed
May 24 06:07:22 fsn1 in.proftpd[5165]: refused connect from
148.245.10.135

May 24 06:07:17 fsn3 in.proftpd[5225]: warning:
/etc/hosts.deny, line 6: can't verify hostname:
gethostbyname(na-10-135.na.avantel.net.mx) failed
May 24 06:07:17 fsn3 in.proftpd[5225]: connect from
148.245.10.135

Follow-Ups:
- Re: [cobalt-users] hacker doing stuff
  - From: flash22

References:
- [cobalt-users] Raq4 and SSL
  - From: Donna Lever
- Re: [cobalt-users] Raq4 and SSL
  - From: Gerald Waugh

Prev by Date: [cobalt-users] Not found page
Next by Date: [cobalt-users] smd2
Previous by thread: Re: [cobalt-users] Raq4 and SSL
Next by thread: Re: [cobalt-users] hacker doing stuff

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index