OT:SYN FLOODING
Igor Bujna
igor.bujna na maxi-tip.cz
Středa Prosinec 6 16:48:51 CET 2000
Zdravim,
nevim jestli to souvisi s tematem teto konference, takze se predme
radsi omlouvam tem, kteri toto povazuji za OT.
Mam na svem linuxu firewal a portscaner, kde mi portscaner vypsal
tuto hlasku:
---------------------------------------------------------------------------------------
Dec 6 14:32:04 ns portsentry[802]: attackalert: SYN/Normal scan
from host: uxzero.zero.cz/212.96.167.1 to TCP port: 23
Dec 6 14:32:04 ns portsentry[802]: attackalert: Host:
uxzero.zero.cz/212.96.167.1 is already blocked Ignoring
Dec 6 14:32:10 ns portsentry[802]: attackalert: SYN/Normal scan
from host: uxzero.zero.cz/212.96.167.1 to TCP port: 23
Dec 6 14:32:10 ns portsentry[802]: attackalert: Host:
uxzero.zero.cz/212.96.167.1 is already blocked Ignoring
Dec 6 14:51:24 ns portsentry[802]: attackalert: SYN/Normal scan
from host: uxzero.zero.cz/212.96.167.1 to TCP port: 23
Dec 6 14:51:24 ns portsentry[802]: attackalert: Host:
uxzero.zero.cz/212.96.167.1 is already blocked Ignoring
Dec 6 14:51:31 ns portsentry[802]: attackalert: SYN/Normal scan
from host: www.iftprogres.cz/212.19.59.11 to TCP port: 143
Dec 6 14:51:31 ns portsentry[802]: attackalert: Host 212.19.59.11
has been blocked via wrappers with string: "ALL: 212.19.59.11"
Dec 6 14:51:31 ns portsentry[802]: attackalert: Host 212.19.59.11
has been blocked via dropped route using command: "/sbin/route
add -host 212.19.59.11 reject"
-----------------------------------------------------------------------------------------
Chtel jsem se zeptat , jak se resi tyto veci, nebo jestli existuje
nekde odkaz na internetu , jak tyto zalezitosti resit.
Nejedna se mi blokace nebo nastaveni firewalu(mozna i toto by
nebylo na skodu), ale treba o nejakou pravni cestu, nebo neco
podobnyho.
Dekuji
Další informace o konferenci Linux