[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] possible ftp attack??

Subject: RE: [cobalt-users] possible ftp attack??
From: "Phil Beynon" <Infolink@xxxxxxxxxxxxxxx>
Date: Mon Oct 22 05:53:00 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> > When I do this, I find a bunch of lines that are listed with
> "anonymous" and
> >  Anonymous FTP is not enabled on any
> site on my RaQ3.
> > Does this mean that somehow my security has been comprimised?
> >
> Since I updated my RaQ3, I get many of these. For some reason swatch
> (Active_Monitor)
> attempts an anonymous connection. So these may be from that source.
> This does not happen on my Qube3, RaQ2 or RaQ4's.
>
> Gerald

The  "localhost[127.0.0.1]" is the Raq itself doing things, nothing to worry
about whatsoever. It checks the status of the various services every 15 min
to ensure they are running correctly. You will see this in all your logs,
ftp, email and site.
Dunno about the anonymous ones though.

Phil

http://www.diygear.com THE Online DIY Toolstore For DIY & Business
Infolink Electronic Systems Ltd. Suppliers of:- PC based Computer Systems,
Peripheral & Hardware, Plus Web Design & Cobalt Raq4 Hosting Solutions
Contact the Sales desk at  infolink@xxxxxxxxxxxxxxx or Tel 0121 458 4894
(office) 0121 441 3558 (home)

References:
- Re: [cobalt-users] possible ftp attack??
  - From: Gerald Waugh

Prev by Date: RE: [cobalt-users] changes to PAM ?
Next by Date: Re: [cobalt-users] defcon swatch messages troubleshooting...
Previous by thread: Re: [cobalt-users] possible ftp attack??
Next by thread: [cobalt-users] Obtaining the POP before SMTP package

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index