[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Portsentry => client locked himself out please advice
- Subject: [cobalt-users] Portsentry => client locked himself out please advice
- From: "R. Hamburg \(www.hava.nl\)" <user@xxxxxxx>
- Date: Tue Sep 17 09:47:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
A client of us locked himself out.
The command portsentry used was:
www portsentry[18703]: attackalert: Host XX.XX.XXX.56 has been blocked via
dropped route using command: "/sbin/route add -host XX.XX.XXX.56 reject"
We also got:
Sep 16 21:31:54 www named[592]: ns_req: sendto([XX.XX.XXX.56].11108):
Network is unreachable
Sep 16 21:31:50 www portsentry[18703]: attackalert: Host XX.XX.XXX.56 has
been blocked via wrappers with string: "ALL: XX.XX.XXX.56"
Note that xxx is a changed IP !
I removed the client from:
portsentry.blocked.actp
portsentry.blocked.udp
and from the hosts.deny
and restarted portsentry.
But still the client has no access from that ip which is in fact a dedicated
DSL ip provided by his accessprovider.
Am I overlooking something?? Do I need to restart something more ? Why does
my client gets no access to his email and websites ? Please note that on his
box no ipchains etc running.
Please advice ! Thanks in advance!
Robbert
---
This text confirms that the message has been scanned by Norton Antivirus
Enterprise for Windows 2000 Advanced Server.
http://www.hava.nl