[Previo por Fecha] [Siguiente por Fecha] [Previo por Hilo] [Siguiente por Hilo]
[Hilos de Discusión] [Fecha] [Tema] [Autor]Hola lista, fijense que ayer recibi este mensaje, al parecer hubo una violacion de seguridad o algo asi a traves de mi servidor. Alguna sugerencia de como resolver este problema? Actualmente trabajo con squid e iptables para el ruteo. Gracias. ---------- Forwarded message ---------- Date: Thu, 4 Apr 2002 07:03:59 -0600 (CST) From: root <root en pdpa uam mx> To: Edgar R. Sanchez Galicia <ersg en pdpa uam mx> Subject: [securepipe.com #136618] Possible Probe Port 21/tcp (ftp) (fwd) ---------- Forwarded message ---------- Date: 4 Apr 2002 12:25:48 -0000 From: SPI Incident Response <incident response-136618 en securepipe com> To: abuse en pdpa uam mx Subject: [securepipe.com #136618] Possible Probe Port 21/tcp (ftp) Complaint ID: [securepipe.com #136618] The following is a complaint against an IP or domain which appeared in our logs, indicating possible network abuse. If you have received this report in error, please forward it to the appropriate party or let us know. A user, apparently from your network, probed TCP port 21 (ftp) on the IP appearing in the log excerpt below. This may be an indication of an actively probing user, or a misconfigured client. All timestamps below are in UTC -0000 (Greenwich Mean Time) Apr 3 23:22:45 oshkosh-gw kernel: Packet log: inpETH2 DENY eth2 PROTO=6 148.206.66.33:4702 64.77.128.59:21 L=60 S=0x00 I=51774 F=0x4000 T=45 SYN (#21) We appreciate your assistance in resolving this matter. -- SecurePipe Incident Response Team Tel: +1 608 294 6940 Fax: +1 608 294 6950 (attn: IRT) incident response en securepipe com --------------------------------------------------------------------- Lista de soporte de LinuxPPP Reglas de la lista en http://linuxppp.com/reglas.html