Date: Wed, 27 Feb 2002 18:03:53 -0500 From: Bill Moran <wmoran@potentialtech.com> To: Jim Freeze <jim@freeze.org> Cc: questions@freebsd.org Subject: Re: Is this a breakin (attempt)? Message-ID: <02022718035303.00825@proxy.pt.com> In-Reply-To: <20020227091544.A15249@freeze.org> References: <20020227081821.A12905@freeze.org> <02022708505801.00825@proxy.pt.com> <20020227091544.A15249@freeze.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 27 February 2002 09:15, Jim Freeze wrote: > > On another angle, I get this kind of thing all the time. In December, I > > had Samba running unprotected on this machine for about a month (due to > > carelessness on > > What do you mean unprotected. You have my attention here. No ipfw rules preventing access to samba from the internet, and the Samba config did not have any interfaces bound, so it was accepting connections on all interfaces. Lucky for me, I had Samba in "user" mode (which required a password to log in) and the Samba logs showed attempted connections that timed out waiting for a password. Thus, the people attempting to access weren't being too terribly clever. They probably just gave up when they were asked for a password. I've now solved this problem by telling Samba only to bind to the internal interface on this machine, so it doesn't even listen to requests that may come in from the Internet. -- Bill Moran Potential Technology technical services http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02022718035303.00825>