I'm running DSL and I get *lots* of scans.

Quoting Brian <lxy at cloudnet.com>:

> On Tue, 5 Jun 2001, Dave Sherohman wrote:
> 
> > 
> > Nah.  They're talking to portmap, not telnetd.  Those requests are
> asking
> > about available RPC services, most likely in hopes of finding a
> vulnerable
> > NIS or NFS installation.
> 
> Ok, I've heard of exploits on RPC, now I'm curious.  What's using RPC? 
> Is
> it just NIS and NFS?  I've heard of tons of RPC ports strewn about that
> can be exploited, it's the only remaining port that I'm worried about on
> my system.
> 
> back to the original question on security, port scans are part of
> life.  Kiddies all over the internet like to run their port scanners
> because they're HACKERS and they're unstoppable!  just like in the
> movie!  *rolls eyes*  Just make sure you aren't running anything
> unnecessary, like xfs, nis, nfs, etc.  Out of curiosity, are you on a
> cable modem?  I've noticed that when I was on DSL no one even looked at
> my
> box but on cable in the last week I've collected large amounts of IP
> addresses probing away at my firewall.  They've mainly been targeting
> FTP,
> which is odd, since I hadn't had ftpd up and running at that point. 
> Real
> bright ones, they are! :-)
> 
> tcp wrappers do a pretty good job, an ALL:ALL in hosts.deny lets me
> sleep
> at night anyway.  I also have a policy of denying ICMP requests on my
> outside interface just to thwart the really stupid kiddies.  Between
> these
> two I feel relatively secure.  Then just check your startup script to
> make
> sure you aren't running anything you don't need to be.
> 
> -Brian
> 
> _______________________________________________
> tclug-list mailing list
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
> 
>