This one time, at band camp, Hal said: > I run a potato server on an ethernet behind a firewall connected by dsl to the internet. The only service exposed is ftp, In the middle of last night ippl reported an ftp connection attempt from 192.168.1,1 The network behind my firewall uses 192.168.75.xx addressses for one Redhat and a couple of Windows machines as well as the debian ftp server. Any idea where the 192.168.1.1 attempt is coming from? Is it likely to have been spoofed over the internet as part of an attack? > > -- > ---> Hal <----> klingons@speakeasy.org <--- > -- > > > -- > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > > It may have been, or it may have been somebody else on a LAN, with IP addressing schema 192.168.1.x, who forgot to use passive-ftp. I guess you'd have to look around and see what they tried to do. HTH, Steve -- No problem is so formidable that you can't just walk away from it. -- C. Schulz
Attachment:
pgp44pTcq6IpL.pgp
Description: PGP signature