On Sun, 7 Feb 1999, Preston Landers wrote:
> Simon Hill wrote:
>
> > So sorry for bothering everyone with these stupid messages about security.
>
> I think it's very helpful.
>
> I have also had exploit attempts from this maui.rmi.net today. And a
> couple of days ago, the exact same exploit attempt from
> franco.eng.uci.edu. Fortunately my system was not compromised.
>
> ---P
>
Yes, I got hit by franco too, but they never got to try the exploit,
because they did a broadband port scan first. I'm running abacus sentry,
which automatically firewalls anyone doing a port scan. So by the time
they tried the nfs exploit, they were already denied. I highly recommend
Abacus sentry, which you can find at http://www.psionic.com.
I've been in contact with the uci folks, and apparently franco was broken
into from UT. Their logs show connections from a host in csr.utexas.edu
and another in dorm.utexas.edu.
I'm also checking into a product from siemens called horus, which is free
for linux. Check out http://www.siemens.com/servers/horus/horus_us.htm
looks interesting.
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
