I've managed to make considerable progress. I'm posting this more
as information and as a warning for others to heed.
The moral of the story is:
- configure your linux systems well and secure them tightly.
- apply any security updates for network daemons as soon as they
become avai
On Sun Apr 22 2001 at 12:08, [EMAIL PROTECTED] wrote:
> I don't recognize the specific attack, but it certainly looks like
> other buffer overflow attacks that I've seen on syslog events.
Thanks for confirming that I'm not the only one seeing this.
The update is that I'm now seeing this happen
Hi Tony,
I don't recognize the specific attack, but it certainly looks like
other buffer overflow attacks that I've seen on syslog events. If
you don't know what service is being attacked you can either look
for the service by its pid (assuming it is still running), look
for a startup message
This very strange syslog exerpt (below) is taken from
/var/log/messages on a moderately busy network server box with
redhat 6.x on it.
Does anyone know what it is?
If it is any sort of security problems, I'd really like to know :)
It is not alone, I have it happening on four similar boxes. But
