Kurt Buff wrote:
I got a daily security run email from one of my machines on Monday
morning, with the following entry:
zmx1.zetron.com login failures:
Aug 30 06:57:17 zmx1 su: BAD SU mlee to root on /dev/ttyp2
Aug 30 09:42:17 zmx1 su: BAD SU mlee to root on /dev/ttyp0
What's
On Wed, Sep 2, 2009 at 00:23, Mark Stapperst...@mapper.nl wrote:
Kurt Buff wrote:
I got a daily security run email from one of my machines on Monday
morning, with the following entry:
zmx1.zetron.com login failures:
Aug 30 06:57:17 zmx1 su: BAD SU mlee to root on /dev/ttyp2
In the last episode (Sep 02), Kurt Buff said:
On Wed, Sep 2, 2009 at 00:23, Mark Stapperst...@mapper.nl wrote:
Kurt Buff wrote:
I traced it down, and found out that he had not logged in on Sunday.
The auth.log is, as you can see from the listing below, quite old. The
entries referenced
On Wed, Sep 2, 2009 at 10:03, Dan Nelsondnel...@allantgroup.com wrote:
In the last episode (Sep 02), Kurt Buff said:
snip
Heh. Well, for me a very long time is more than a year, because
security patches for the OS will at some point mandate a reboot - and
usually in less than a year.
I
I got a daily security run email from one of my machines on Monday
morning, with the following entry:
zmx1.zetron.com login failures:
Aug 30 06:57:17 zmx1 su: BAD SU mlee to root on /dev/ttyp2
Aug 30 09:42:17 zmx1 su: BAD SU mlee to root on /dev/ttyp0
What's puzzling is that this
On 9/30/07, Ian Smith [EMAIL PROTECTED] wrote:
On Sun, 30 Sep 2007 09:41:00 -0700 Kurt Buff [EMAIL PROTECTED] wrote:
On 9/30/07, Chuck Swiger [EMAIL PROTECTED] wrote:
Kurt Buff wrote:
[ ... ]
+Limiting closed port RST response from 283 to 200 packets/sec
I don't know
Kurt Buff wrote:
[ ... ]
+Limiting closed port RST response from 283 to 200 packets/sec
I don't know what this means, though I suspect it could mean that I'm
being port scanned. Is this a reasonable guess?
Yes. It could also be something beating really hard on a single closed port,
too.
--
On 9/30/07, Chuck Swiger [EMAIL PROTECTED] wrote:
Kurt Buff wrote:
[ ... ]
+Limiting closed port RST response from 283 to 200 packets/sec
I don't know what this means, though I suspect it could mean that I'm
being port scanned. Is this a reasonable guess?
Yes. It could also be
On Sun, 30 Sep 2007 09:41:00 -0700 Kurt Buff [EMAIL PROTECTED] wrote:
On 9/30/07, Chuck Swiger [EMAIL PROTECTED] wrote:
Kurt Buff wrote:
[ ... ]
+Limiting closed port RST response from 283 to 200 packets/sec
I don't know what this means, though I suspect it could mean that I'm
I've noted in a security mail from one of my machines the following log entries:
+++ /tmp/security.yEepp7hR Sat Sep 29 03:02:07 2007
+Limiting closed port RST response from 253 to 200 packets/sec
+Limiting closed port RST response from 233 to 200 packets/sec
+Limiting closed port RST
Hi all,
Receiving the following... I assume this is just because of a portupgrade
that we did that tried to upgrade cyrus, and I assume this is the
automated port account creation/deletion that it does but I wanted
to run it by everyone.
Jul 9 15:29:52 mercury saslpasswd: failed to
Hi,
Is it my imagination or should FreeBSD automatically make run a cron job
to generate a security report? If so does anyone have the cron line?
Rgds
Rus
--
http://www.fsck.me.uk - My blog
http://www.65535.net - $120 for a lifetime UNIX shell account
To Unsubscribe: send mail to [EMAIL
-Original Message-
From: Rus Foster [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 13:17
To: [EMAIL PROTECTED]
Subject: Security Report
Hi,
Is it my imagination or should FreeBSD automatically make run
a cron job
to generate a security report? If so does anyone
On Mon, Jan 13, 2003 at 11:16:50AM +, Rus Foster wrote:
Is it my imagination or should FreeBSD automatically make run a cron job
to generate a security report? If so does anyone have the cron line?
No, you're not imagining things. See /etc/crontab for the invocation
of the periodic(8
On Mon, 13 Jan 2003, Matthew Seaman wrote:
On Mon, Jan 13, 2003 at 11:16:50AM +, Rus Foster wrote:
Is it my imagination or should FreeBSD automatically make run a cron job
to generate a security report? If so does anyone have the cron line?
No, you're not imagining things. See /etc
15 matches
Mail list logo