Hi,
we have small PC cluster running Debian 2.1. Since a few days to of those
bother me with the following message:
"my_host portmap[6050]: connect from 134.58.X.Y to callit(ypserv): request from
unauthorized host". In principle that is o.k., because 134.58.X.Y should have
no access to our cluster. It is just, that this message appears once per minute
and only at two out of seven boxes.
I checked with "tcpdump" and it seems, that 134.58.X.Y sends a request to the
address 134.58.255.255, which is then picked up by my_host (my_host has a
different IP number, of course). Does anybody has an idea why only 2 out of 7
boxes have that behaviour? Since it is the same software it must be some
setting, maybe in /etc. But where? How I can prevent the "portmap" from picking
up the request? It simply annoys me.
Greetings,
Dietrich
P.S. 134.58.X.X is a machine of a neighboring institute. It is not a hacker
attack.
