[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] PORT 113, AUTH (in.ident)

Subject: [cobalt-security] PORT 113, AUTH (in.ident)
From: "lists" <lists@xxxxxxxxxxxxxxxx>
Date: Tue, 17 Feb 2004 08:34:17 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Is this a normal thing to have uncommented in inetd.conf??

I am trying to figure out where an attacker is getting in, nothing shows in
the logs whatsover, yet the attacked can server wide deface all index.html's
and alike.
/usr/sbin/in.ident has a normal wtime of Sept, 1999 which means it wasnt
altered... right?

Any ideas?

Dave

Follow-Ups:
- Re: [cobalt-security] PORT 113, AUTH (in.ident)
  - From: Jaana Jarve

References:
- [cobalt-security] ssh listening on ports 81 & 444
  - From: lists
- Re: [cobalt-security] ssh listening on ports 81 & 444
  - From: Charlie Clemmer

Prev by Date: Re: [cobalt-security] ssh listening on ports 81 & 444
Next by Date: [cobalt-security] Odd entries in passwd file?
Previous by thread: Re: [cobalt-security] ssh listening on ports 81 & 444
Next by thread: Re: [cobalt-security] PORT 113, AUTH (in.ident)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index