Suse 7.1, iptables-1.1.2-13 Another hack attempt. Does anyone think this is a problem. Dec 6 10:09:57 gringo ipppd[1320]: sent [0][LCP EchoRep id=0x22 a6 3e ea d0 fb 11 60 b5] Dec 6 10:10:05 gringo sshd[1443]: refused connect from east@210.0.202.100 (210.0.202.100) Dec 6 10:10:08 gringo ipppd[1320]: rcvd [0][LCP EchoReq id=0x23 a9 27 09 c4 00 59 62 7a] Then a bit later (20mins) Are the two related ? Dec 6 10:31:53 gringo ipppd[1320]: sent [0][LCP EchoRep id=0x9f a6 3e ea d0 3d 11 92 65] Dec 6 10:31:53 gringo sshd[301]: Generating new 768 bit RSA key. Dec 6 10:31:54 gringo sshd[301]: RSA key generation complete. Dec 6 10:32:03 gringo ipppd[1320]: rcvd [0][LCP EchoReq id=0xa0 a9 27 09 c4 3d 11 92 80]D Cheers B Marr
On Wednesday 05 December 2001 08:28 pm, Brian Marr wrote:
Suse 7.1, iptables-1.1.2-13 Another hack attempt. Does anyone think this is a problem.
Dec 6 10:09:57 gringo ipppd[1320]: sent [0][LCP EchoRep id=0x22 a6 3e ea d0 fb 11 60 b5] Dec 6 10:10:05 gringo sshd[1443]: refused connect from east@210.0.202.100 (210.0.202.100) Dec 6 10:10:08 gringo ipppd[1320]: rcvd [0][LCP EchoReq id=0x23 a9 27 09 c4 00 59 62 7a]
Weird, trying to hack through sshd? Maybe using those public flaws perhaps?
Then a bit later (20mins) Are the two related ?
Dec 6 10:31:53 gringo ipppd[1320]: sent [0][LCP EchoRep id=0x9f a6 3e ea d0 3d 11 92 65] Dec 6 10:31:53 gringo sshd[301]: Generating new 768 bit RSA key. Dec 6 10:31:54 gringo sshd[301]: RSA key generation complete. Dec 6 10:32:03 gringo ipppd[1320]: rcvd [0][LCP EchoReq id=0xa0 a9 27 09 c4 3d 11 92 80]D
To be honest, not too sure. Ever tried the security mailing list? Its low traffic, but they know there stuff. I'd be intrigued to know what they think of this (I believe you can subscribe via suse-security-subscribe@suse.com) Chris will hit me if I get this wrong I am sure :). Kind regards, Matt
participants (2)
-
Brian Marr
-
Matthew Johnson