Security Incidents mailing list archives

Re: funky syslog entry


From: highway () CSTONE NET (Sean Michael Whipkey)
Date: Wed, 28 Jun 2000 09:08:50 -0400


klug wrote:

> While searching through syslog entries I found this little tidbit.
> Others and I believe it's some sort of scan. Any ideas are welcome.
> Portmap has since been removed from this server.
>
> klug
>
> Jun 24 14:39:10 * portmap[27279]:
> connect from 193.40.245.45 to dump(): request from unauthorized host

You're not the only one.  I got it on two machines here at work:
Jun 23 23:45:20 riff portmap[53850]: connect from 193.40.245.45 to
dump(): request from unauthorized host
Jun 23 23:51:06 torg portmap[54972]: connect from 193.40.245.45 to
dump(): request from unauthorized host

These machines are on different subnets, too...

The IP address is for an Estonian university.  They never responded to
my e-mails to them about this.

SeanMike

--
SeanMike Whipkey - Geek-a-mondo
"Extra ninjas make any party, family gathering, or war scene tons
more interesting." http://www.ninjahypothesis.com/messenger.htm
ObCompanyPlug: http://www.mrgoodbucks.com/
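
The correlation described in this message (one source refused by portmap on several machines) can be checked across collected syslog files. The following is an added example, not part of the original post: the function names and the 192.0.2.10 and sshd lines are constructed, and the three 193.40.245.45 entries are the ones quoted in the thread, rejoined onto single lines.

```python
import re
from collections import defaultdict

# Syslog line written by a tcp-wrapper-enabled portmap when it refuses a request.
# The parentheses after the procedure name may be empty, as in dump().
PORTMAP_DENY = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\sportmap\[\d+\]:\s"
    r"connect from (?P<src>\S+) to (?P<proc>\w+)\([^)]*\): "
    r"request from unauthorized host$"
)

# First three lines: entries quoted in the thread ("*" is the poster's redacted
# hostname). Last two lines: constructed for this example.
SAMPLE_LOG = """\
Jun 23 23:45:20 riff portmap[53850]: connect from 193.40.245.45 to dump(): request from unauthorized host
Jun 23 23:51:06 torg portmap[54972]: connect from 193.40.245.45 to dump(): request from unauthorized host
Jun 24 14:39:10 * portmap[27279]: connect from 193.40.245.45 to dump(): request from unauthorized host
Jun 24 15:02:41 riff portmap[53850]: connect from 192.0.2.10 to dump(): request from unauthorized host
Jun 24 15:03:00 riff sshd[411]: Connection closed by 192.0.2.10
"""

def parse_denials(text):
    """Yield (timestamp, host, source, procedure) for each refused portmap request."""
    for line in text.splitlines():
        m = PORTMAP_DENY.match(line.strip())
        if m:
            yield m["ts"], m["host"], m["src"], m["proc"]

def sweep_sources(text, min_hosts=2):
    """Return {source: sorted hosts} for sources refused on >= min_hosts machines."""
    hosts_by_src = defaultdict(set)
    for _ts, host, src, _proc in parse_denials(text):
        hosts_by_src[src].add(host)
    return {s: sorted(h) for s, h in hosts_by_src.items() if len(h) >= min_hosts}

if __name__ == "__main__":
    for src, hosts in sweep_sources(SAMPLE_LOG).items():
        print(f"{src}: refused on {len(hosts)} hosts ({', '.join(hosts)})")
```

A source that shows up on only one machine is left out by default; pass `min_hosts=1` to list every refused source.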


