
Re: What kind of attack is this?



>>>>> "Eugene" == Eugene Tyurin <eugene_tyurin@yahoo.com> writes:

    Eugene> On Mon, Jun 25, 2001 at 09:23:56AM -0400, Rick Pasotto wrote:
    >> I've gotten the same sort of message. It appears in the lpr.log and
    >> syslog. I think it's an internal problem and not an attack from outside.

    Eugene> Portsentry didn't detect anything.  I briefly looked at
    Eugene> the config files for lprng, and it looks like they leave
    Eugene> lpd listening to outside connections.  So, yes, it looks
    Eugene> like somebody was trying to mess with my lpd - this is why
    Eugene> portsentry didn't pick up on it.  So, meanwhile I just
    Eugene> purged lprng as I found myself not printing anything for
    Eugene> the past few months.

Check out snort... if this attack is a known one, it would have told you what
kind.  (It's an IDS, and includes portscan detection).

Bye, J

-- 
 Jürgen A. Erhard  (juergen.erhard@gmx.net, jae@users.sourceforge.net)
          My WebHome: http://members.tripod.com/Juergen_Erhard
            GNUstep - Free OPENSTEP (http://www.gnustep.org)
                Comes in two sizes: huge and Oh-My-God.
