From owner-freebsd-security Mon May 24 7:32:35 1999 Delivered-To: freebsd-security@freebsd.org Received: from idea.co.uk (ultra2.idea.co.uk [194.36.20.11]) by hub.freebsd.org (Postfix) with ESMTP id 1C32314BD3 for ; Mon, 24 May 1999 07:31:12 -0700 (PDT) (envelope-from kiril@idea.co.uk) Received: (from kiril@localhost) by idea.co.uk (8.9.2/8.9.2) id PAA02615; Mon, 24 May 1999 15:22:29 +0100 (BST) From: Kiril Mitev Message-Id: <199905241422.PAA02615@idea.co.uk> Subject: Re: Server trying to connect to Port 113 To: des@flood.ping.uio.no (Dag-Erling Smorgrav) Date: Mon, 24 May 1999 15:22:29 +0100 (BST) Cc: greg@qmpgmc.ac.uk, freebsd-security@FreeBSD.ORG In-Reply-To: from "Dag-Erling Smorgrav" at May 24, 99 04:01:30 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > "Greg Quinlan" writes: > > So will it effect anything by opening port 113? ...(getting 2000 or so log > > entries from the same server) > > Don't log, or at least, don't log connections to ports to which you > excpect benign (if misguided) traffic, such as auth and the netbios > ports. i beg to disagree, any access attempt from 'outside' to any netbios ports are 99% indicative of a break-in attempt. in my experience, at least K > > DES > -- > Dag-Erling Smorgrav - des@flood.ping.uio.no > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message