[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Another Exploit?!? (different than before)...

Subject: RE: [cobalt-users] Another Exploit?!? (different than before)...
From: "Sim Ayers" <sim@xxxxxxxxxxxx>
Date: Wed Dec 12 17:00:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

/etc/hosts.deny

> > in.telnetd: 163.28.0.0/255.255.0.0
> > in.proftpd: 163.28.0.0/255.255.0.0
> > in.telnetd: 212.179.0.0/255.255.0.0
> > in.proftpd: 212.179.0.0/255.255.0.0
> > in.telnetd: 61.216.0.0/255.255.0.0
> > in.proftpd: 61.216.0.0/255.255.0.0
> > in.telnetd: ALL EXCEPT .com, .net
> > in.proftpd: ALL EXCEPT .com, .net
> > in.telnetd: 62.243.185.0/255.255.255.0, 62.161.48.100/255.255.0.0,
> > .microsoft.com
> > in.proftpd:  62.243.185.0/255.255.255.0, 62.161.48.100/255.255.0.0,
> > .microsoft.com
> > 
> Why the microsoft entries?
> 
> Regards,
> Curtis


Curtis,

I had too many anonymous login attempts coming from ftp.microsoft.com.

Micrsoft has no business trying to login into my ftp server for any reason.

Sim

References:
- RE: [cobalt-users] Another Exploit?!? (different than before)...
  - From: Curtis Ross

Prev by Date: [cobalt-users] Webalizer 1.3 log deletion
Next by Date: [cobalt-users] Jon Pennycook/Services/PSION/GB is out of the office.
Previous by thread: RE: [cobalt-users] Another Exploit?!? (different than before)...
Next by thread: [cobalt-users] OT- Colocation

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index