[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [vps-mail] Packet filter
- Subject: Re: [vps-mail] Packet filter
- From: Godwin Stewart <gstewart@xxxxxxxxxxx>
- Date: Tue, 28 Sep 2004 17:33:00 +0200
On Tue, 28 Sep 2004 09:47:50 -0500, "Look at SomethingCool.com"
<look@xxxxxxxxxxxxxxxxx> wrote:
> To me, it's not really an issue. Or should it be?
It depends.
We've been seeing them from corporate IP addresses, not infected
dialup/cable/dsl users, and we've been informing the people responsible for
the networks that they most likely have a compromised machine. No action has
been taken, and no acknowledgement of the reports has been given.
So, the probes in themselves aren't anything to worry about (root login *is*
disabled on our systems), but the totally irresponsible attitude of the net
admins (no, I won't tell you that it's in-motion.net on 66.103.96.0/20 in
order to preserve their anonymity - oops, that blew it) leads me to believe
that far more damage could come from there unabated. *THAT* is what I'd like
to prevent by locking them out of my systems altogether, at the network
layer, or the transport layer at a pinch, not as far up the stack (and deep
into the machine) as the application layer.
--
G. Stewart -- gstewart@xxxxxxxxxxx -- gstewart@xxxxxxxxxxx
Registered Linux user #284683 (Slackware 9.0, Linux 2.6.8.1-em8300)
--------------------------------------------------------------
If money doesn't grow on trees then why do banks have branches?
======================================================================
This is <vps-mail@xxxxxxxxxxxx> <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).
Main Index |
Thread Index