Re: Are these breakin attempts?

2001-06-17 Thread Ken Seefried
Yes, they are likely breakin attempts. Why in the *world* are you running rpc.statd (or portmap, or...nevermind...some people can't be helped) on a publicly accessable machine. That's flat out stupid. Ken Seefried, CISSP Christian Jaeger writes: Hello, I run a pc with p

Re: Are these breakin attempts?

2001-06-17 Thread Ken Seefried
Yes, they are likely breakin attempts. Why in the *world* are you running rpc.statd (or portmap, or...nevermind...some people can't be helped) on a publicly accessable machine. That's flat out stupid. Ken Seefried, CISSP Christian Jaeger writes: > Hello, > > I run

Re: other mysterious port things

2001-05-29 Thread Ken Seefried
ed "netstat" on floppy won't save you here. Once again, successful detection of a compromise is a multi-layered problem, and no one tool is a silver bullet. Ken Seefried, CISSP

Re: other mysterious port things

2001-05-29 Thread Ken Seefried
en having a safe, staticly linked "netstat" on floppy won't save you here. Once again, successful detection of a compromise is a multi-layered problem, and no one tool is a silver bullet. Ken Seefried, CISSP -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: other mysterious port things

2001-05-29 Thread Ken Seefried
ch casual methods as you indicate difficult. An acurrate assessment requires more than a single tool. Ken Seefried, CISSP

Re: other mysterious port things

2001-05-29 Thread Ken Seefried
libs, making detection by such casual methods as you indicate difficult. An acurrate assessment requires more than a single tool. Ken Seefried, CISSP -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: hi, any help ? about an evil mysterious crazy Open tcp port ?

2001-05-28 Thread Ken Seefried
"lsof -i UDP:4350", but don't quote me; check your local man page. P.S. - you might need to install lsof. Ken Seefried, CISSP

Re: hi, any help ? about an evil mysterious crazy Open tcp port ?

2001-05-28 Thread Ken Seefried
P:4350" and "lsof -i UDP:4350", but don't quote me; check your local man page. P.S. - you might need to install lsof. Ken Seefried, CISSP -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Got root?

2001-05-01 Thread Ken Seefried
privs (which didn't exist back then). Anyone remeber that? Ken Seefried, CISSP

Re: Got root?

2001-05-01 Thread Ken Seefried
privs (which didn't exist back then). Anyone remeber that? Ken Seefried, CISSP -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Followup: Syslog

2001-04-18 Thread Ken Seefried
symlinked to /mnt/floppy ;) Other arguments about the utility of append-only aside, why not use ext2 floppies? There's not too much space overhead. If you are going to go to that much trouble, use a CD writer for logging. Ken Seefried, CISSP

Re: Followup: Syslog

2001-04-18 Thread Ken Seefried
the only one that has /var/log symlinked >> to /mnt/floppy ;) > > Other arguments about the utility of append-only aside, why not use ext2 > floppies? There's not too much space overhead. > If you are going to go to that much trouble, use a CD writer for logging. Ken S