OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: ANdrei (andreiabc.ro)
Date: Wed Oct 03 2001 - 06:04:23 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    rikrikrose.net wrote:
    >
    > On Wed, 3 Oct 2001, ANdrei wrote:
    > > it wasn't for sure me :), but i just had my firewall down for a few
    > > mins, and then it happened... was this just a coincidence?
    >
    > It could have been a power cut, or even a brown out, or someone else while
    > you were working on the firewall :)

    nope, in that case you don't get that log entry from last (i'm almost
    sure about that) and your file-systems get checked at startup for sure,
    and mine didn't... it was a clkean shutdown... plus there was no power
    cut, because we have about 40 computers in the company, and none
    rebooted except mine...

    I'm so suspicious because I had a few times people trying to hack me,
    and 2 times they were real profis, and i believe they got through this
    time and left almost no evidence of their passing...

    >
    > > and smtg else: what ports and protocol are used when accesing a samba
    > > share? i'm talking about a broadcast network, where people should be
    > > able to access public shares from other computers, which have
    > > firewalls...
    >
    > 137-140 roughly, depending on what version of Windows you're using. I
    > noticed 2000 has lots more useless ports open than any of the others,
    > by default, sometimes including qotd, although I've not found the setting
    > to control it. Some machines it's on, some it's not. I don't know why,
    > but then I understand so little of MicroSofts products...

    I understand little about M$ too :) I found out i have an error in my
    configuration of samba, or something like that, the ports i knew were
    good: 135, 137, 138 and 139

    maybe anybody has other ideas about the weird TILDA ~ in the
    "last"-output, and what/who it was...

    >
    > --
    > PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org
    > Key fingerprint = 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F
    > Public key also encoded with outguess on http://rikrose.net
    >
    > To Unsubscribe: send mail to majordomoFreeBSD.org
    > with "unsubscribe freebsd-security" in the body of the message 

    -- 
"I live in my own little world - but it's ok, they know me here!"

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message