On Wed, 21 Feb 2001, Mandi wrote:
> James -
>
> I thought that too, but according to the man page for inetd.conf, the
> first column of a service listing in inetd.conf has to be the correct name
> from /etc/services.
Yes. This is just used a convenient way of specifying port numbers,
though.
>
On Wed, 21 Feb 2001, Raven Alder wrote:
> Heya --
>
> I accidentally killed the original message, but someone had made
> the point that /etc/services just dictates what port a given service is
> listening on, and that disabling that port binding hasn't a thing to do
> with whether the servic
James -
I thought that too, but according to the man page for inetd.conf, the
first column of a service listing in inetd.conf has to be the correct name
from /etc/services.
With xinetd, you can specify that the service you want to run is unlisted,
ie missing from /etc/services, and it will run
Heya --
I accidentally killed the original message, but someone had made
the point that /etc/services just dictates what port a given service is
listening on, and that disabling that port binding hasn't a thing to do
with whether the service is running at the time. That's inetd.
Absolutely
On Mon, Feb 19, 2001 at 11:23:23PM -0800, damask0 sed:
> 2) Make sure that there aren't any ports listening that you don't need.
> Go through /etc/services and comment out all the lines that are
> unnecessary. (Careful what you lose, though. For example, some MTA
> need identd.) Use
/etc/serv
On Mon, 19 Feb 2001, Christian MacAuley wrote:
> Recently i've gotten a few complaints about probes/scans from one of my
> computers (a Cobalt Linux server.) I've looked at my logs and i can see no
> one was logged into it at the time that the scans were reported. Does that
> mean someone is sp
On Tue, Feb 20, 2001 at 01:44:04AM -0500, Christian MacAuley wrote:
> On Monday 19 February 2001 17:53, you wrote:
>
> > It could also mean that your box has been cracked. What ports has it
> > supposedly been scanning?
>
> Today the server was reported to have made a SYN attack against some n
Heya --
> Today the server was reported to have made a SYN attack against some
> network at a college. A few days ago a man emailed me complaining
> that the server was probing port 53 on his computer. The box has 1
> static IP and isn't a gateway, so no other computers are permitted to
> us
Heya --
> Recently i've gotten a few complaints about probes/scans from one of
> my computers (a Cobalt Linux server.) I've looked at my logs and i
> can see no one was logged into it at the time that the scans were
> reported. Does that mean someone is spoofing me?
Possibly . . . but t
On Monday 19 February 2001 17:53, you wrote:
> It could also mean that your box has been cracked. What ports has it
> supposedly been scanning?
Today the server was reported to have made a SYN attack against some network
at a college. A few days ago a man emailed me complaining that the serve
On Mon, 19 Feb 2001, Christian MacAuley wrote:
> Recently i've gotten a few complaints about probes/scans from one of my
> computers (a Cobalt Linux server.) I've looked at my logs and i can see no
> one was logged into it at the time that the scans were reported. Does that
> mean someone is sp
On Mon, 19 Feb 2001 Christian MacAuley wrote:
[some questions regarding security and intruder detection]
Sorry, no time for a long answer today, but please have a look
here:
http://sunsite.unc.edu/mdw/HOWTO/Firewall-HOWTO.html
To read on, please see section 1.5 "Further Readings"
Recently i've gotten a few complaints about probes/scans from one of my
computers (a Cobalt Linux server.) I've looked at my logs and i can see no
one was logged into it at the time that the scans were reported. Does that
mean someone is spoofing me?
I'd like to make sure all the ports i'm not
13 matches
Mail list logo
