[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] How to locate SUID = root files?

Subject: Re: [cobalt-security] How to locate SUID = root files?
From: storage@xxxxxxxxxx
Date: Thu, 22 Mar 2001 16:17:28 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Michael Stauber <cobalt@xxxxxxxxxxxxxx> said:

> Hi Jason,
> 
> > I don't have an answer but how do you recognise when you have been
> > port-scanned?
> 
> I use a tool called Portsentry (www.psionic.com). It can detect, report and 
> block portscans. However, the usage of portsentry is usually frowned upon 
> by some very vocal list members here. 
> 
Never really understood that. If you have a daily/weekly cron job that cleans 
your hosts.deny and ipchains, how bad? And why shouldn't people run what 
_they_ want on _their_ server? I just don't get it. Maybe someone should 
explin it to me?

adam

PS. Can I start an argument about Reply-to munging next?

References:
- Re: [cobalt-security] How to locate SUID = root files?
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] Portscanning on Qube2
Next by Date: [cobalt-security] PoPToP
Previous by thread: Re: [cobalt-security] How to locate SUID = root files?
Next by thread: Re: [cobalt-security] How to locate SUID = root files?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index