[CLUE-Tech] Hack attempt
grant
grant at amadensor.com
Mon Aug 6 10:38:19 MDT 2001
Last night at 00:46, I had someone trying to connect to many ports on one
of my machines. All of the connections were refused. About 15 minutes
later, the other machine locked up. I couldn't even switch virtual
terminals.
I saw no evidence of a break in (nothing weird in the logs, /etc/passwd,
/etc/groups, processes running, etc.) Is this most likely a coincidence,
a hack attempt that crashed the machine, or something successful? Where
is best to look?
I do not know of any remote crash vulnerabilities in any of my software,
and I keep everything up to date as far as patches. TCP wrappers shut
down the connections to machine 1, and machine 2 (the one that locked up)
answers only to HTTP, SSH, and PostgreSQL. It does allow SMB and NFS and
YP, but only to the 2 machines on my local network.
______________________________________________________________________________
Your mouse has moved.
You must restart Windows for your changes to take effect.
#!/usr/bin/perl
print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);
More information about the clue-tech
mailing list