Re: Attempted Theft of Services via FTP


Subject: Re: Attempted Theft of Services via FTP
From: Ryan Mesler (kraylus@airmail.net)
Date: Fri Mar 01 2002 - 21:28:22 MST


best bet is to go into /etc/hosts.allow and /etc/hosts.deny

in the deny file put in ALL:ALL

in the allow file, put in specific IPs, domains, etc. you can even specify a
certain range of IPs. for example... let's say your dialup always has the
same first three numbers. putting in the first three numbers and a dot will
allow any IP beginning with 207. access to your box.

it's a handy way to keep hackers out. anyone who is not allowed access to
your box will not get access. simple as that (be sure to allow your internal
IP access...)

R.L. Mesler <Kraylus>
Call me Kray

If at first you don't succeed, call it version 1.0

ICQ: 45088864
AIM: Kraylus
----- Original Message -----
From: "Zeke Runyon" <zrunyon@mac.com>
To: <yellowdog-general@lists.yellowdoglinux.com>
Sent: Friday, March 01, 2002 10:24 PM
Subject: Re: Attempted Theft of Services via FTP

> Not to turn this into a "talk about all yer attacks on yer box", but I
> just want to throw in one.
>
> I had really really bad Apache HTTPD configuration, allowing 150
> MaxRequestsPerChild or so. I didn't pay much attention to that when I did
> the conf file (I had based it largely on the server my website was
> hosted on, a superstrong superfast Solaris box). One day, my internet
> connection seems verrry slow. I look at my hub and the light to my linux
> box is blinking like crazy. I go into the apache logs and find that some
> guy from Europe (on EOL) was requesting an 8mb mp3 every second or so,
> for an hour!
>
> I learned my lesson and went back to the configuration file.
>
> Are these things some sort of bot or something? The IP address went
> straight to the biggest file hosted and downloaded it a couple 100 times.
> Once I had my configuration file only allowing 5 MaxRequestsPerChild, I
> still had strange European IPs going straight for the big mp3s and
> downloading them as much as they could.
>
> I hate hackers (or bots, or script kiddies, or whatever the hell it was)
>
> :::
>
> # Zeke Runyon, zrunyon@mac.com
> # web: http://communistsquirrel.home.dhs.org/ (formerly zekeworld)
> # linux: http://gloin.dyn.dhs.org/, email: zekemon@gloin.dyn.dhs.org
> # PGP key fingerprint = 7084 3BA2 9BC3 9024 2840 F0AF B9F4 37EB 827E 6A7D
> # ( i am ZEKE, squirrel king, lord of woodland fauna ! )
>
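
The default-deny setup described in the reply above, modelled as an added example (not code from either poster) so the effect of each pattern can be checked before editing the real files. It covers a simplified IPv4 subset of the hosts_access(5) rules; the 203.0.113. prefix, the 192.168.1. LAN and the in.ftpd daemon name are constructed sample values.

```python
import ipaddress

# Constructed sample policy: deny everything, then allow a short list.
# 203.0.113. stands in for a dial-up prefix, 192.168.1. for the internal LAN.
HOSTS_ALLOW = """\
# /etc/hosts.allow
in.ftpd: 203.0.113.
ALL: 192.168.1. 127.0.0.1
"""
HOSTS_DENY = """\
# /etc/hosts.deny
ALL: ALL
"""

def parse(text):
    """Return [(daemon_list, client_list)] from 'daemons : clients' lines."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, addr, host=""):
    """Match one client pattern against an IPv4 address and optional hostname."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):        # leading address fields, e.g. "203.0.113."
        return addr.startswith(pattern)
    if pattern.startswith("."):      # domain suffix, e.g. ".example.net"
        return host.endswith(pattern)
    if "/" in pattern:               # net/mask, e.g. 10.0.0.0/255.0.0.0
        return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
    return pattern in (addr, host)

def matches(rules, daemon, addr, host):
    """True if any rule names this daemon (or ALL) and matches the client."""
    return any(("ALL" in d or daemon in d) and
               any(client_matches(p, addr, host) for p in c) for d, c in rules)

def allowed(daemon, addr, host="", allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is consulted first, then hosts.deny; no match means allow."""
    if matches(parse(allow), daemon, addr, host):
        return True
    return not matches(parse(deny), daemon, addr, host)
```

A pattern of `207.` on its own matches every address from 207.0.0.0 to 207.255.255.255, so write all three leading fields when only one /24 should get in. These files only affect services started through tcpd or built with libwrap; a daemon without that support ignores them and needs its own access controls.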


