seems someone is at it again
Nelson Garcia
garcian002 at hawaii.rr.com
Thu Jul 5 21:01:11 PDT 2001
Did you setup your firewall?
If there are no servers running, where do they get a password prompt from?
They should just get kicked out with a "lost connection" message.
Why don't you just close the port? I'd be too paranoid to leave such an
obvious port open. It's just advertising your presence and at the same time
the fact that you don't have strong safeguards in place. Even the most
basic firewall script is usually setup to block that port when not in use.
If you are using iptables, just get the script from the link on the mplug
website (http://www.mplug.org/).
I'm still using ipchains but my script is such a hack that I'm embarrassed
to show it in public. Let me know if you want a copy.
Later,
Nelson
-----Original Message-----
From: dave [mailto:d.eason at home.com]
Sent: Thursday, July 05, 2001 4:50 PM
To: Linux & Unix Advocates & Users
Subject: [luau] seems someone is at it again
Had about 50 attempts to telnet into my box today, telnet isnt even
running so I dont care
.what I wanted to know is
..is the user/pass they
are trying logged somewhere, and if not can I do that, would be interesting
reading anyhow
.. And for some reason all my hack attempts are coming from
the china/korea and australia
.
-dave
---
You are currently subscribed to luau as: garcian002 at hawaii.rr.com
To unsubscribe send a blank email to $subst('Email.Unsub')
More information about the LUAU
mailing list