Actually you did get responses, check your archives... -rf
On Fri, 9 Nov 2001, Timothy King wrote: > I posted this a few days ago and got no response, so I thought I would try > one more time. > > On my MDK 8.1 firewall box, when I do "iptables -L", I notice an allowed > client for all services > (including ssh) that I did not add and do not recognize: > > root:/root> iptables -L | grep pvelm > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:20 > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp dpt:ftp > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:fsp > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp dpt:telnet > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:23 > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp dpt:ssh > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:ssh > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp dpt:pop3 > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:pop3 > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp dpt:www > CLIENT udp -- pvelm-138.pv.k12.ny.us MyHostNameudp dpt:www > CLIENT tcp -- pvelm-138.pv.k12.ny.us MyHostNametcp > > Since I know little about iptables, I use an Open Source product called > gScript to assist in configuring my firewall. Grepping though /etc and > /etc/firewall (which is where the gScript config. lives), I find no > reference to this client being allowed access. > > Have I been hacked? Anywhere else to look for evidence? > > Tim King > [EMAIL PROTECTED] > > > >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
