|
|
Re: lug-bg: Fw: portsentry TCP SYN
- Subject: Re: lug-bg: Fw: portsentry TCP SYN
- From: borj@xxxxxxxxx (Boris Jordanov)
- Date: Fri, 8 Feb 2002 18:42:39 +0200
On Fri, 8 Feb 2002 17:50:02 +0100
Bozhan Bozhkov wrote:
>
> ----- Original Message -----
> From: "Bozhan Bozhkov" <bozho@xxxxxxxxxxx>
> To: <lug-bg@xxxxxxxxxxxxxxxxxx>
> Sent: Friday, February 08, 2002 3:38 PM
> Subject: portsentry TCP SYN
>
>
> Çäðàâåéòå
> Íàñêîðî èíñòàëèðàõ portsentry è çàïî÷íàõà åäíè òàêèâà ëîãîâå:
>
> Jan 22 17:07:01 pegassus portsentry[21607]: attackalert: TCP SYN/Normal
> scan
> from host: egas34...... to TCP port: 445
>
> îò 2 ìàøèíè - åäíàòà ñ XP äðóãàòà ñ Âèí 2000
>
> èìàìå õèïîòåçà - âèäîçà ñå ìú÷è äà ñå ñâúðæå ñ äîìåèí êîíòðîëåð è ïðàùà SYN
> íåïðåêúñíàòî, çà îïðåäåëåí ïåðèîä îò âðåìå, ïîíåæå íå ïîëó÷àâà îòãîâîð.
>
> Äàëè å òîâà èëè:
> à) íåùî ëàçè ïî ñúîòâåòíèòå ìàøèíè
> á) ñúâñåì äðóãà ïðè÷èíà
>
> è àêî å âÿðíà íàøàòà õèïîòåçà - êàê ñå îáÿñíÿâà íà òèÿ 2000/ÕÐ äà íå ïðàâÿò
> òàêèâà ðàáîòè.
> (ãîëÿìà åìîöèÿ áåøå ïðåäè âðåìå, äîêàòî ðàçáåðà îò êúäå ñå êàçâà íà 2000 äà
> íå ñå ìú÷è äà ñå ðåãèñòðèðà ñàì â DNS-a )
>
> Ïîçäðàâè
> Áîæî.
>
Daze po-dobre:
http://ntsecurity.nu/papers/port445/
Take care
Boris Jordanov (borj) <borj@xxxxxxxxx>
ICQ 10751645
PGP-key-fingerprint:------------------------------
CB23 8B52 5FBC F36A 1B61 F1ED 2831 E52D AAFF 7B08
--------------------------------------------------
Public-key:---------------------------------------
http://borj.freeshell.org/borj.asc
--------------------------------------------------
To err is human...
to really foul up requires the root password.
<HR>
<UL>
<LI>application/pgp-signature \\\\\\\\\ \\\\: stored
</UL>
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|
|
|