Re: Cable Modem on Linux

To: debian-user@lists.debian.org
Subject: Re: Cable Modem on Linux
From: P Kirk <patrick@enterprise-hr.com>
Date: Mon, 6 Aug 2001 15:22:18 +0100
Message-id: <[🔎] 20010806152218.A26845@enterprise.kirks.net>
Mail-followup-to: patrick, debian-user@lists.debian.org
In-reply-to: <[🔎] 20010806093158.C773@harmony.cs.rit.edu>
References: <[🔎] 128.28a3e0b.289fb574@aol.com> <[🔎] 20010806093158.C773@harmony.cs.rit.edu>

| I just got a DSL connection (last night) and my firewall logged a
| bunch of DENYed packets on port 138 (Netbios datagram service) from
| another IP in my DSL subnet.  Somebody messed up <smirk>.  BTW I
| apache is logging a whole bunch of Code Red requests already!  Now I

I uninstalled portsentry because /etc/hosts.deny and the routing table
were beginning to look overloaded.  Whoever coded that thing certainly
knew how to get a scan going!

The slightly strange thing is that Code Red and its siblings are now
almost permanent.  Unless all the IIS boxes are rebooted and patched, for the
next 6 months we will all have our log files packed with these spurious
entries and tools like portsentry will have to be set at a lower security
level to avoid black-holing half the Internet.

Wonder if the next Linux worm will be cloaked as a Code Red scan?

Reply to:

References:
- Re: Cable Modem on Linux
  - From: JakeCatfox@aol.com
- Re: Cable Modem on Linux
  - From: dman <dsh8290@rit.edu>

Prev by Date: dist upgrade potato to woody 2.2 to 2.4 kernel
Next by Date: proftpd : 2 anonymous areas?
Previous by thread: Re: Cable Modem on Linux
Next by thread: Re: Cable Modem on Linux
Index(es):
- Date
- Thread