There appears to be something afoot in the SF Bay area, and possibly
further. A number of machines, many of them Linux, are being cracked.
Several people report port scanners hitting them regularly.
Entry to my machine was made via imapd, a mail handler that is not
essential if fetchmail is being used. Some also report eggdrop attacks,
which I also experienced, but my machine did not go down on that.
My ISP's tech support's first comment, when I said I had been
cracked, was to ask me if I was running Internet Explorer, as that is
where they had been coming through on other of their clients. He was
surprised when I said I was runing Linux, telling me that those were
supposed to be a lot more secure.
Suggestions on other lists are to check your /etc/inetd.comf file,
turn off just about everything unless you are sure you need it. You don't
need shell, login, telnet, etc. in most cases if you do not have other
people log in to your machine. If you are not serving FTP, turn that off
too. Imapd has some security bug in it, so it should either be turned
off, or replaced if you really, really need it.
-javilk- posting from my ISP's shell account.
I am just repeating what I have read in other messages sent me.
You are advised to use common sense in evaluating this information.
____________________________________________________________________
--------------------------------------------------------------------
Join The Web Consultants Association : Register on our web site Now
Web Consultants Web Site : http://just4u.com/webconsultants
If you lose the instructions All subscription/unsubscribing can be done
directly from our website for all our lists.
---------------------------------------------------------------------
