more attacks

[Warren Togami]

If your Linksys Cable/DSL router isn't forwarding any ports or using that
"DMZ" feature, then your internal machines should be reasonably safe from
most of the usual random exploit scans.  It would take persistent advanced
scanning techniques and more know-how than the average script kiddie to gain
any information from internal machines, making it fairly difficult to crack.

Posting your IP address may or may not be safe, depending on the intentions
of the people on this list.  If you don't feel safe posting your address,
e-mail it to a few people on the list that you trust.  I'll scan you if you
request it.

----- Original Message -----
From: "Jon Reynolds" <proteon at gci.net>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Sent: Friday, July 27, 2001 4:34 PM
Subject: [luau] RE: more attacks


> ok Dusty, im a bit leary about posting my ip here on the list, is it ok to
> do so? and this is what i do have: both servers are FreeBSD4.3 that sit
> behind a linksys router/switch that does NAT. and unfortunately that is
> about the extent of my protection, as for sendmail, i am thinking of
> switching to qmail this weekend to try and shore up that gaping hole, i
> subscibed to the qmail mailing list, but that has degenerated into a flame
> war over linux and windows, uff. I am open to any suggestions you or the
> list has. I would be interested in your script if you share your work. I
> also have shutdown the telnet and ftp ports. My biggest concern is i am
not
> able to tell if my servers have already been compromised and if so how to
> reverse it.
>
> Jon
>