Security Incidents mailing list archives

Re: funky syslog entry

From: hektor () RZ RWTH-AACHEN DE (Jens Hektor)
Date: Wed, 28 Jun 2000 06:45:00 -0000


Hi,

you have seen the effect of using "rpcinfo" or something
similar that call the RPC procedure "dump" against
your machine.

Bye, Jens

Jun 24 14:39:10 * portmap[27279]:
connect from 193.40.245.45 to dump(): request from
unauthorized host

Current thread:

Re: Connections to port 635 ??, (continued)
- - Re: Connections to port 635 ?? Ben Laws (Jun 23)
  - Re: Connections to port 635 ?? Robert Graham (Jun 23)
- Nike Site taken over F_SecurityList Jo (Jun 21)
  - Re: Nike Site taken over Steve (Jun 22)
  - Re: Nike Site taken over Ex Machina (Jun 22)
    - Re: Nike Site taken over Joel de la Garza (Jun 23)
    - Re: Nike Site taken over Aviram Jenik (Jun 24)
    - Re: Nike Site taken over Valdis Kletnieks (Jun 26)
    - funky syslog entry klug (Jun 26)
    - Re: funky syslog entry Valdis Kletnieks (Jun 27)
    - Re: funky syslog entry Jens Hektor (Jun 27)
    - Re: funky syslog entry Erich Meier (Jun 28)
    - Re: funky syslog entry Sean Michael Whipkey (Jun 28)
    - blind forwards Keith McCammon (Jun 28)
    - Re: blind forwards Ex Machina (Jun 29)
    - Re: blind forwards Brock Norvell (Jun 29)
    - Re: blind forwards John Hall (Jun 29)
    - Re: blind forwards David Pick (Jun 30)
    - Re: funky syslog entry UnixGeek (Jun 29)
    - Re: funky syslog entry Chris West (Jun 29)
    - wuftp exploit Toby Miller (Jun 28)

(Thread continues...)