[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] possible ftp attack??

Subject: RE: [cobalt-users] possible ftp attack??
From: "Sim Ayers" <sim@xxxxxxxxxxxx>
Date: Sun Oct 21 07:21:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> > It's probably a Windows worm or virus
> >
> > /var/log/messages is filled with the same FTP attack.
> >
> > use this to see a list of unauthorized access attempts
> >
> > grep "anonymous" /var/log/messages
> 
> When I do this, I find a bunch of lines that are listed with 
> "anonymous" and
> "localhost[127.0.0.1]"  Anonymous FTP is not enabled on any site 
> on my RaQ3.
> Does this mean that somehow my security has been comprimised?
> 

No it does not mean that your security has been comprimised.
It's just someone trying to login using anonymous. This happens all the
time. However, with wanadoo.fr, it's some worm or virus looking for a way
into your server. Not allowing Anonymous FTP is always the best way to
setup your server.

Sim

References:
- RE: [cobalt-users] possible ftp attack??
  - From: Michael Tubbe

Prev by Date: RE: [cobalt-users] possible ftp attack??
Next by Date: Re: [cobalt-users] OS Restore for RaQ3
Previous by thread: RE: [cobalt-users] possible ftp attack??
Next by thread: Re: [cobalt-users] possible ftp attack??

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index