Hi, the answer may be found on this URL: http://www.kb.cert.org/vuls/id/945216
Greetz Christoph BTW: There was a nice thread concering this topic on suse-security yesterday - it is located under http://lists2.suse.com/archive/suse-security/2001-Nov/0417.html Ed Street wrote: > Hello, > > Last night some interesting logs came to my inbox from a clients firewall > box. > > Nov 21 23:20:05 <system name> sshd[11534]: Disconnecting: crc32 compensation > attack: network attack detected > > This went on for a period of time until I went into the box retrieved the ip > address of the person and threw them into /etc/hosts.deny. Then about 30-60 > mins later another of client that's not even related to this box was probed. > > Any input/thoughts on this? BTW I do know what type of attack it is and I > do know that my clients firewall boxes have the latest security patches so > nothing nasty happened, just some lag from this <stuff > missing>.lax-ca.dsl.cnc.net place. This person who started the attack is > running redhat 6.1 Linux and Friday I'm going to contact the isp to get the > identity then call my clients and inform them of the attempted attack. > > Ed > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- .-. Ruhr-Universitaet Bochum /v\ L I N U X Lehrstuhl fuer Biophysik // \\ >Penguin Computing< c/o Christoph Wegener /( )\ Gebaeude ND 04/Nord ^^-^^ D-44780 Bochum, GERMANY Tel: +49 (234) 32-25754 Fax: +49 (234) 32-14626 mailto:[EMAIL PROTECTED] http://www.bph.ruhr-uni-bochum.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
