|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: Fwd: Re: [PLUG] Fwd: Re: named version probes
|
On Mon, Feb 05, 2001 at 11:12:47PM -0500, Chad Glynn wrote:
> but wouldn't named version probes happen on the named port, port 53?
Yeah, but I think Beldon's just curious about what's hitting his
friend.
Looks like the usual broadband scans (ftpd--proftpd and wuftpd
exploits are pretty recent, especially considering how many people
even on this list are still running the horribly insecure default RH
6.2; linuxconf, so forth, plus some windows-specific crap).
If he's got a Linksys box noticing all this, he's a cut way above
most broadband customers and probably has nothing to worry about.
(Unless he's a long-time @home subscriber and it's just gotten
worse... in that case, um, well, there goes the neighborhood.)
> Big Brother Is Watching >> nslookup 24.0.0.203
> Server: ns1.netaxs.com
> Address: 207.106.1.2
>
> Name: authorized-scan1.security.home.net
> Address: 24.0.0.203
I can't decide whether that's more scary or reassuring.
I guess it's probably a good thing, but still... what's to keep a
disgruntled @home employee from making off with the logs?
~ g r @ eclipsed.net
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|
|