[NCLUG] Network configuration

Sean Reifschneider jafo at tummy.com
Thu Oct 26 17:58:30 MDT 2000


On Thu, Oct 26, 2000 at 08:28:10AM -0400, R P Herrold wrote:
>when folks get out of their depth.  Often I cannot understand
>how they were NOT cracked -- Open old named, open portmapper,

The reason they weren't cracked was that the IP address space is
fairly sparse.  You can't just scan several billion addresses,
so people pick "hot spots" and concentrate on those (and even there
it's fairly sparse).

I was just reviewing the packet logs for our networks last night and
over the last month there were a few dozen scans for named and ftpd,
and a few less for portmapper.  There were even a couple of scans for
Linuxconf...

These were strictly scans where they were walking our entire network
range (usually ALL our networks).

Sean
-- 
 It often shows a fine command of a language to say nothing.
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python



More information about the NCLUG mailing list