[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>

Subject: [cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>
From: "Render-Vue" <sales@xxxxxxxxxxxxxx>
Date: Wed, 26 Dec 2001 14:25:59 +1300
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi yah,

Can anyone tell me how to stop this idiot from scanning the servers, have
changed the port of ssh a while back so I'm not fussed about the port 22
scan and portsentry and IP Chains are doing their thing. But this is
happening nearly every day now, has anyone else seen scans from this
source...

Portsentry had an alert to ns.xxxxxxxxxxxxxxx.com from the following IP
address and port:
211.174.38.152 22   < ------  This IP Changes all the time
Service:
ssh              22/tcp    SSH Remote Login Protocol
ssh              22/udp   SSH Remote Login Protocol
#                 Si Becker <71362.22@xxxxxxxxxxxxxx>  <------- This is
constant as is the ports being scanned

The other thing is there a script or method of cleaning the host.deny file
after a certain amount of days - the deny file is starting to get a bit big
now and I think I can recollect someone mentioning there was problems after
a certain amount of IP's got listed...could have picked that up wrong though
:>

Hope everyone had a pleasant Xmas

Regards form Auckland

Chae

Follow-Ups:
- Re: [cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>
  - From: Roy A. Urick
- Re: [cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>
  - From: Gerald Waugh

Prev by Date: [cobalt-security] Backing Up
Next by Date: Re: [cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>
Previous by thread: RE: [cobalt-security] Backing Up
Next by thread: Re: [cobalt-security] Si Becker <71362.22@xxxxxxxxxxxxxx>

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index