[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Leafnode question



On Mon, May 11, 1998 at 06:20:03PM -0300, Trevor Barrie wrote:
> I was running fetch this afternoon, and noticed it was downloading messages
> for a couple of groups I don't read (my system is single-user)... checking the
> "interesting groups" directory found that they were in fact listed. Does
> anybody know what could cause this? I've heard tell of people latching onto

IIRC, the docs mention something about cross-posting causing this.  I
figured it meant that if one read an article in one group which article
was also posted to another, then that other group may become another
"interesting group".  So if you can see such a pattern and you want to
reduce your online time, then a script to delete the unwanted extra
"interesting groups" file in that directory could be called before
running fetch.

> somebody's system whose security wasn't properly set, but I only have
> an intermittent PPP connection with a variable IP address, so I didn't
> think that could be a problem (how would somebody find my machine?)

I didn't think so either but attempted telnet intrusions do occur quite
frequently on intermittent connections.  For some reason or other people
are actively scanning for news servers.  grep your syslog for
in.telnet.d and you might be surprised.  

Many isp's have a policy that forbids this behaviour.  I was advised
that it was possible to report this to the intruder's isp, if your system
clock is correctly set.  Often the intruders address from syslog will be
a name for a dial-up account.  The isp or owner of the domain can check
their logs to see what user was on that account at that time.

-- 
  jkern@klis.com   Jack Kern   Yarmouth, Nova Scotia   Debian GNU/Linux i386


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


Reply to: