[olug] breakin?

Andrew Embury drazak at materiamagica.com
Thu Aug 31 03:15:02 UTC 2000


Most likely, it was just a port scan to see what ports you have open or
some curious warezmongers looking for a good ftp.

I noticed you said you have telnet and ftp enabled so you can telnet
OUT.  You dont need telnetd enabled to telnet out, the client alone will
work just fine.  If you dont have any need to telnet IN to your box, by
all means, disable it.  Your ideas about ssh are always good too.

There are also several ways you can leave telnetd and ftpd enabled, but
disallow foreign access.  However, it seems like you are curious about
Unix security, and that is a topic that isn't easially covered in an
email.  There are several good security howto's that detail the different
kinds of tools you can use to secure your machine.  I would recommend
starting there.


_Drew

On Wed, 30 Aug 2000, mesc wrote:

> I was looking through /var/log/secure when  I saw  Jul 23 10:55:38
> omhan1 in.telnetd[1049]: connect from 207.114.4.46 and Jul 27 14:29:03
> omhan1 in.ftpd[1917]: connect from 203.233.199.252 (yes from last
> month,I need to watch my logs better).Now I just have telnet and ftp
> enabled on my box so I can telnet out or ftp for files,I'm trying to
> figure out SSH so I can do away with these but what I need to know is
> are these 2 connections just attempts to connect to my box or did
> someone infact connect and login to my box.If  so how can I keep these
> ppl  out assuming they are the coming back?
> 
> 
>         Thank you,Gary Martin
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: olug-unsubscribe at bstc.net
> For additional commands, e-mail: olug-help at bstc.net
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net



More information about the OLUG mailing list