Date: Mon, 23 Apr 2001 22:53:59 +0100 From: Mark Drayton <mark.drayton@4thwave.co.uk> To: Beech Rintoul <freebsd-questions@freebsd.org> Subject: Re: Continously getting error 'rpc.statd: invalid hostname to sm_stat: ...' could it be a DOS attack? Message-ID: <20010423225359.A14549@tethys.valhalla.net> In-Reply-To: <01042310270701.01587@galaxy.anchoragerescue.org>; from akbeech@anchoragerescue.org on Mon, Apr 23, 2001 at 10:27:07AM -0800 References: <200104231831.OAA47437@mail2.wmptl.com> <01042310270701.01587@galaxy.anchoragerescue.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Beech Rintoul (akbeech@anchoragerescue.org) wrote: > On Monday 23 April 2001 10:31, Nathan Vidican wrote: > > We have been, (for several weeks now), been getting the error > > message (logged to both the console, and /var/log/messages) as > > follows: [snip linux rpc.statd overflow log message] > It' a hack attempt with an old Linux kiddie script. Never affected > FreeBSD, and no longer works on Linux. I wouldn't worry about it, we > get that three or four times a day. You should firewall off access to your NFS daemons and get some kind of intrusion detection system (such as snort) to log the source address of these attacks. NFS daemons should not be accessible from the internet. -- Mark Drayton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010423225359.A14549>