I went to whois and found the location of the offenders.
I had another attack form a different source:
ftpd[8877]: getpeername (in.ftpd): Transport endpoint is not connected
telenetllc03.erols.com
I just added the following line to /etc/hosts.deny. Will it stop any
of the attacks?
in.telnetd, in.ftpd, in.tftpd, in.fingerd: ALL EXCEPT LOCAL,
.[domain].net
> SoloCDM wrote:
> >
> > My messages file shows "telnetd[21882]: ttloop: peer died: Invalid or
> > incomplete multibyte or wide character" and my tcpdump file shows the
> > consistent IP outside intruder as 198.79.30.20. What exactly
> > happened? Is my system infected, affected, or what?
*********************************************************************
Signed,
SoloCDM
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
