Date: Fri, 1 Jun 2001 08:56:44 -0700 (PDT) From: Brian Behlendorf <brian@collab.net> To: Dag-Erling Smorgrav <des@ofug.org> Cc: "Karsten W. Rohrbach" <karsten@rohrbach.de>, <freebsd-security@FreeBSD.ORG> Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd) Message-ID: <Pine.BSF.4.31.0106010855400.679-100000@localhost> In-Reply-To: <xzpvgmguvn6.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1 Jun 2001, Dag-Erling Smorgrav wrote: > Brian Behlendorf <brian@collab.net> writes: > > The shell machine at SF didn't have reverse DNS (or at least it wasn't > > recorded in the wtmp), so you might want to look for 216.136.171.252 (the > > machine our friend came in from) or maybe even 216.136/24. > > I hope you meant 216.136.171/24, and not 216.136/16: Er, yeah; preferably someone could get a list of IP addresses SF.net has ever had public shell machines on. > Oh, and .252 does have reverse DNS: > > des@des ~% host 216.136.171.252 > 252.171.136.216.IN-ADDR.ARPA domain name pointer usw-sf-fw2.sourceforge.net OK, but it wasn't recorded in my wtmp, so I suspect it might not get recorded in others'. Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0106010855400.679-100000>