> Do you need anonymous ftp running? There are exploits to the FTP
> servers. (Check the hack pages for info) I think the lasted rpm from
> redhat fixes the obvious holes. I've been seeing a ton of port scans
> myself recently. I never did get SATAN running but I was able to get
> Saint compiled and it does a pretty good scan of vulnerabilities.
Morrow Long (Internet Security Officer for campus) does periodic scans of
all systems on the net using ISS (don't ask me what it stands for :). You
could either download a beta from the company (I can look up their WWW
site for you) and scan your own system, or possibly ask him to scan your
site. In either case, I was impressed with the programs ability to find
holes.
As for the port scans, we get a lot of them on campus. I used to see one
or two a day for a period. It's since dwindled to about once a week or
so. 90% of the scans on my system appeared to be using MSCAN or some
other prepackaged program (Made for Idiots (tm)). MSCAN should fail to
find anything if you're using the latest (read last couple months) rpms.
Michael
----------------------------------------------------------------------
Michael Osier = michael.osier@yale.edu | "He is not well rounded who does
http://chloe.hgs.yale.edu/~og/ | not have an equally keen interest
BS Biochemical Science - UVM | in all of the things within the
Yale University | compass of painting."
Human Genetics - Og | Leonardo da Vinci