Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] break-in
  • From: "Stefan A. Muehlenweg" <Stefan.A.Muehlenweg@xxxxxxxxxxxxxx>
  • Date: Mon, 7 Aug 2000 22:34:09 +0200 (CEST)
  • Message-id: <200008072034.WAA05804@xxxxxxxxxxxxxx>
You, ksemat@xxxxxxxxxxxxxxx, wrote:
>
> Could someone help me out with this I have responded by knocking out imap
> but there may be other avenues or it may be an innocent thing. This is
> what I have in my log.
> Aug 6 15:45:04 alpha imapd[27638]: System break-in attempt, host=infon819.jet.es
> [195.55.159.51]
> what other measures should I take?

It's an attempt, not a successful breakin.

The attacking machine is in spain, so you should inform the IRIS CERT
<cert@xxxxxxxxxx> about this attempt to attack your system. They will
do all necessary steps in spain.

Of course, all the time the CERT with the constituency for your
Country/Organization/Network/... should be informed. But I don't
think, that one exist in Uganda at this time.

You will find more information to secure your system and to find
traces of attacks at http:/www.cert.org/

Good luck,
-sam

< Previous Next >
References