[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Portscan Question
- Subject: Re: [cobalt-users] Portscan Question
- From: "Dave Thurman (Mailing List Email)" <listonly@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon Sep 23 11:17:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
on 9/23/02 1:01 PM, Bob G7 stated:
> eth0:portscan: tcp xx.xx.xx.xx/27374 -> 211.230.113.64/3656 40 rst (21)
>
> Question is, were they trying to scan port 27374? Phoenix.log shows the
> attempt, but where do I add this to block them from trying again.
You can add them to your /etc/hosts.deny file with
ALL: 211.230.113.64
I would recommend grabbing the security files from Gerald's site. We get the
alerts via email and they are automagically added to the hosts.deny and
another file.
--
Thanks!!
Dave Thurman
The Web Presence Group / www.webpresencegroup.net
Listonly <at> webpresencegroup.net / Spam Block 8^Q