On Sun, 29 Sep 2002, Samuele Giovanni Tonon wrote:
> On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> > I'm curious if anyone has thought about ways of blocking
> > this sort of attack before it gets to the home user?
> > http://www.the-dailyrant.com/archives/000855.html#000855
>
On Sun, 29 Sep 2002, Samuele Giovanni Tonon wrote:
> On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> > I'm curious if anyone has thought about ways of blocking
> > this sort of attack before it gets to the home user?
> > http://www.the-dailyrant.com/archives/000855.html#000855
On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> I'm curious if anyone has thought about ways of blocking
> this sort of attack before it gets to the home user?
> http://www.the-dailyrant.com/archives/000855.html#000855
>
it depends on the attack: they say they want the
"Congres
On Sat, 28 Sep 2001 at 10:19 AM, Phillip Hofmeister wrote:
>On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
>> I'm curious if anyone has thought about ways of blocking
>> this sort of attack before it gets to the home user?
>>
>> http://www.the-dailyrant.com/archives/000855.html#0
On Saturday, 2002-09-28 at 18:33:43 +0200, Wichert Akkerman wrote:
> Previously Lupe Christoph wrote:
> > Opinions? Comments?
> Does it really matter?
Well it may collide with a service started after it that wants this
particular privileged port. I also believe that services that do not
require a
On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> I'm curious if anyone has thought about ways of blocking
> this sort of attack before it gets to the home user?
> http://www.the-dailyrant.com/archives/000855.html#000855
>
it depends on the attack: they say they want the
"Congre
On Sat, 28 Sep 2001 at 10:19 AM, Phillip Hofmeister wrote:
>On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
>> I'm curious if anyone has thought about ways of blocking
>> this sort of attack before it gets to the home user?
>>
>> http://www.the-dailyrant.com/archives/000855.html#
On Saturday, 2002-09-28 at 18:33:43 +0200, Wichert Akkerman wrote:
> Previously Lupe Christoph wrote:
> > Opinions? Comments?
> Does it really matter?
Well it may collide with a service started after it that wants this
particular privileged port. I also believe that services that do not
require
On Sat, 28 Sep 2002 13:19:44 -0400
Phillip Hofmeister <[EMAIL PROTECTED]> wrote:
> On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
> > I'm curious if anyone has thought about ways of blocking
> > this sort of attack before it gets to the home user?
> >
> > http://www.the-dailyrant.c
On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
> I'm curious if anyone has thought about ways of blocking
> this sort of attack before it gets to the home user?
>
> http://www.the-dailyrant.com/archives/000855.html#000855
>
> I think it is especially important to those of us
> wh
I'm curious if anyone has thought about ways of blocking
this sort of attack before it gets to the home user?
http://www.the-dailyrant.com/archives/000855.html#000855
I think it is especially important to those of us
who are not under US law, living in places where such
activity would not
Previously Lupe Christoph wrote:
> Opinions? Comments?
Does it really matter?
Wichert.
--
_
/[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL PROTECTED]http://www.wiggy.net/ |
| 102
On Sat, 28 Sep 2002 13:19:44 -0400
Phillip Hofmeister <[EMAIL PROTECTED]> wrote:
> On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
> > I'm curious if anyone has thought about ways of blocking
> > this sort of attack before it gets to the home user?
> >
> > http://www.the-dailyrant.
Hi!
I'm running chkrootkit on my workstation, just for testing. After the
last reboot it found:
Checking `bindshell'... INFECTED (PORTS: 600)
Slightly shocking on a workstation without direct Internet connectivity.
Doing an "lsof -i :600" showed rpc.statd using this port. Huh? Why a low
port?
On Sat, 28 Sep 2002 at 05:36:06PM +0100, Dale Amon wrote:
> I'm curious if anyone has thought about ways of blocking
> this sort of attack before it gets to the home user?
>
> http://www.the-dailyrant.com/archives/000855.html#000855
>
> I think it is especially important to those of us
> w
I'm curious if anyone has thought about ways of blocking
this sort of attack before it gets to the home user?
http://www.the-dailyrant.com/archives/000855.html#000855
I think it is especially important to those of us
who are not under US law, living in places where such
activity would no
Previously Lupe Christoph wrote:
> Opinions? Comments?
Does it really matter?
Wichert.
--
_
[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL PROTECTED]http://www.wiggy.net/ |
| 102
Hi!
I'm running chkrootkit on my workstation, just for testing. After the
last reboot it found:
Checking `bindshell'... INFECTED (PORTS: 600)
Slightly shocking on a workstation without direct Internet connectivity.
Doing an "lsof -i :600" showed rpc.statd using this port. Huh? Why a low
port?
KevinL <[EMAIL PROTECTED]> writes:
> On Wed, 2002-09-18 at 06:05, Michael Renzmann wrote:
> > "killall .bugtraq" would be suitable as well, and it would "destroy"
> > every other instance of the program that is running currently. Even if
> > detecting the current PPID does not work for whatever
KevinL <[EMAIL PROTECTED]> writes:
> On Wed, 2002-09-18 at 06:05, Michael Renzmann wrote:
> > "killall .bugtraq" would be suitable as well, and it would "destroy"
> > every other instance of the program that is running currently. Even if
> > detecting the current PPID does not work for whatever
20 matches
Mail list logo
