Re: Root kits and host.deny
- From: Edward Krack <eddie_krack@xxxxxxxxx>
- Date: Thu, 8 Dec 2005 20:09:26 -0800
Frynge.com Support:
> 1: Does anyone know without a firewall how to block an ip through the
> hosts.deny or any other secure method?
>
> is it
> ALL: 211.174.53.89 : DENY
You can use the "KNOWN" wildcard.
A better way to block all services not explicitly defined is to make the last
entry in hosts.allow
ALL : ALL : DENY
removing the need for a hosts.deny.
> 3: Also, do you have anywhere you can send ips like the above, to either
> report them, (i am going to report it to his isp he is in korea - but I am
> waiting to do things to him possibly)
Distributed Intrusion Detection System
DShield.org
> [root@oannes chkrootkit-0.46a]# ./chkrootkit -q
> Possible t0rn v8 \(or variation\) rootkit installed
Give rkhunter a gander.
http://www.rootkit.nl/
Krack
- References:
- Strange found in apache error.log
- From: kc
- Root kits and host.deny
- From: Frynge.com Support
- Strange found in apache error.log
- Prev by Date: Re: Forcing Firefox Image Load Block List to client computers.
- Next by Date: RE[4]: Finding web servers with nmap
- Previous by thread: Re: Root kits and host.deny
- Next by thread: Re: Root kits and host.deny
- Index(es):
Relevant Pages
|
