question on network security
This is probably not the right forum for this question, but I am
running on a Debian/GNU machine. If there is a better mailing list
or news group for the question, please let me know.
I am trying to setup my machine as a 'less open' in my corporate
environment. I have started by having the entry 'ALL: ALL' in my
hosts.deny file. Then I add individual entries in the hosts.allow
file to gain access to my machine. This all works as planned.
However, what I have found is a tremendous number of attempts to gain
access to my machine that I was unaware of. Some of them are what I
was trying to prevent (in less than a day, about 10 www attempts when
I'm not even set up as an httpd server for example). But, the large
majority of the attempts I don't know much about. Attempts at access
via daemons ypserv, mountd, 300004, and 300214 with most trying
ypserv. These appear to be from SGIs and SUNs which are themselves
running some type of network protocol which periodically probes the
network.
I would like to eliminate these problems, but don't know where to
start. I can add back the problem machines to my hosts.allow file to
remove the error messages from my log file. This confirms that they
are the problems, but doesn't fix the problem.
--
/------------------------------------------------------------------\
| James D. Freels, P.E._i, Ph.D. | Phone: (423)576-8645 | | L |
| Oak Ridge National Laboratory | FAX: (423)574-9172 | H | I |
| Research Reactors Division | work e-m: fea@ornl.gov | F | N |
| P. O. Box 2008 | home e-m: fea@icx.net | I | U |
| Oak Ridge, Tennessee 37831-6392 | world's best neutrons! | R | X |
\------------------------------------------------------------------/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: