> i just recently got around to closing off my linux box and 'booby-trapping'
> tcp_wrappers. admittedly, i probably would have seen this kind of stuff befo
re
> if i had been checking my system logs regularly, but sadly i am rather lazy w
hen
> it comes to security and general system administration on my own workstation
(oh
> no, someone might try to read one of my old history papers or delete my mp3's
!
> seriously, i do understand the potential for mischief, and in my copious free
> time i plan to wipe my drive, reinstall linux, and setup tripwire or L6 or
> similar before networking it.) anyway, i am now seeing weird stuff like this
:
>
> __________________
> Sat Jan 23 19:32:46 EST 1999
> refused connection from host NRAD09.kard.akh-wien.ac.at (addr=149.148.126.9)
> user root requested service from in.telnetd[624]
> __________________
>
> should i be worried about random connection requests like this? i've also be
en
> getting identd requests from finland and imap requests from the netherlands(!
)
> what gives?
>
> thanks,
> ccg
I get these sort of connections once in awhile, I have redhat 5.2 and I ran sat
an
on it..it didn't find any vulnerabilities, thought there probably are some...I
have
never found the need to get completely panicked about this sort of thing.
Cmc