I found this in my logs and I'm wondering if this is a hacking attempt?
Should I be concerned?
Also, if/when I see these, I'd like to add them to a blocked list using
/sbin/ipfw, but get the following message when trying this command:
# /sbin/ipfw add 1 deny all from 151.204.100.88:255.255.255.2
Phillip Smith (mailing list) wrote:
I found this in my logs and I'm wondering if this is a hacking attempt?
Probably.
Should I be concerned?
Probably not, as long as you use good passwords for everything, you're
probably safe (unless you use telnet or ftp or something).
Also, if/when I see these,
ipfw: getsockopt(blaah)
Is your kernel configured for firewall work? Check LINT for options.
As well you should be able to use tcpwrappers, look in
/etc/hosts.allow. You could add a deny for this 'persons' ip addy denying
him/her/it access to your sshd daemon. NOTE: It is 'normally not a goo
From: "YOU" <[EMAIL PROTECTED]>
To: "Phillip Smith (mailing list)" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 10:06 AM
Subject: Re: hacking attempts?
> On Tue, 4 Mar 2003, Phillip Smith (mailing list) wrote:
>
> >
On Tue, 4 Mar 2003, Kevin Kinsey, DaleCo, S.P. wrote:
> > him/her/it access to your sshd daemon. NOTE: It is 'normally not a
> good
> > idea' to do this, but if you don't want to rebuild with a firewall
> > configured kernel it will suffice.
> >
> And the reason it's not a "good idea"? I've alw
