Speaking of this....
Checking my logs lately, I've been seeing a TON of "print request from [ip]"
which is usually some remote IP, often in a foreign country. Is this indicative
of a new exploit? I'm running RH 6.2, locked down pretty well, I think. Heck, I
can only SSH in to my workstation from Two IP addresses (one of which is any
machine on my LAN at home <G>)
I'm also seeing random portscans. I saw a thread in here earlier on a new
feature in the latest kernels which will allow one to deny/drop all inbound
requests that aren't in response to an OUTBOUND request. Is there any way to
implement a feature similar to this in RH 6.2 using IPCHAINS?
Thanks...
John
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
