logcheck
Pavel Kankovsky
peak na argo.troja.mff.cuni.cz
Středa Listopad 22 02:18:07 CET 2000
On Tue, 21 Nov 2000, Petr Šafrata wrote:
> Nov 16 22:19:51 orel sendmail[22726]: NOQUEUE:
> IDENT:root na fra-pci-lag-vty30.as.wcom.net [212.211.66.30]: expn root
Nekdo se zrejme zajimal, kam chodi posta pro roota.
> imapd[22714]: Connection reset by peer, while reading line user=???
> host=UNKNOWN
> ipop3d[22715]: Connection reset by peer while reading line
> user=??? host=UNKNOWN
Tady zas nekdo skenoval porty.
> Nov 16 22:06:25 orel imapd[22714]: connect from 212.211.66.30
> Nov 16 22:06:25 orel ipop3d[22715]: connect from 212.211.66.30
> Nov 16 22:06:31 orel in.ftpd[22716]: refused connect from
> fra-pci-lag-vty30.as.wcom.net
> Nov 16 22:19:46 orel ipop3d[22723]: connect from 212.211.66.30
> Nov 16 22:19:47 orel imapd[22724]: connect from 212.211.66.30
Tohle je asi taky od skenovani.
> Man tuto IP 212.211.66.30 uplne zakazat????
Zbytecne. I kdyby to z nej nekdo nekdy zkousel znova, pak urcite maji
deset nahradnich pocitacu pro pripad, ze by to nefungovalo. Navic to podle
adresy muze byt nejaky dialup, a tudiz ta adresa uz ted muze byt prirazena
nekomu uplne jinemu.
> Pripadne zakazovat dalsi ze kterych nekdo bude skenovat porty nebo se
> pokusi o neco takovaho.
Muzete si zkusit stezovat u provozovatele toho pocitace. Hlavne zakazte na
svem pocitaci ty sluzby, pres ktere by se tam nekdo mohl naborit.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Další informace o konferenci Linux