I'm running DSL and I get *lots* of scans. Quoting Brian <lxy at cloudnet.com>: > On Tue, 5 Jun 2001, Dave Sherohman wrote: > > > > > Nah. They're talking to portmap, not telnetd. Those requests are > asking > > about available RPC services, most likely in hopes of finding a > vulnerable > > NIS or NFS installation. > > Ok, I've heard of exploits on RPC, now I'm curious. What's using RPC? > Is > it just NIS and NFS? I've heard of tons of RPC ports strewn about that > can be exploited, it's the only remaining port that I'm worried about on > my system. > > back to the original question on security, port scans are part of > life. Kiddies all over the internet like to run their port scanners > because they're HACKERS and they're unstoppable! just like in the > movie! *rolls eyes* Just make sure you aren't running anything > unnecessary, like xfs, nis, nfs, etc. Out of curiosity, are you on a > cable modem? I've noticed that when I was on DSL no one even looked at > my > box but on cable in the last week I've collected large amounts of IP > addresses probing away at my firewall. They've mainly been targeting > FTP, > which is odd, since I hadn't had ftpd up and running at that point. > Real > bright ones, they are! :-) > > tcp wrappers do a pretty good job, an ALL:ALL in hosts.deny lets me > sleep > at night anyway. I also have a policy of denying ICMP requests on my > outside interface just to thwart the really stupid kiddies. Between > these > two I feel relatively secure. Then just check your startup script to > make > sure you aren't running anything you don't need to be. > > -Brian > > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list > >