On Mon, 11 May 1998, Jack Kern wrote: > On Mon, May 11, 1998 at 06:20:03PM -0300, Trevor Barrie wrote: > > I was running fetch this afternoon, and noticed it was downloading messages > > for a couple of groups I don't read (my system is single-user)... checking > > the "interesting groups" directory found that they were in fact listed. > > Does anybody know what could cause this? > > IIRC, the docs mention something about cross-posting causing this. I > figured it meant that if one read an article in one group which article > was also posted to another, then that other group may become another > "interesting group".
That doesn't sound right... I've been using leafnode for a while, and consequently have seen lots of cross-posted messages, but this has only > > I've heard tell of people latching onto > > somebody's system whose security wasn't properly set, but I only have > > an intermittent PPP connection with a variable IP address, so I didn't > > think that could be a problem (how would somebody find my machine?) > > I didn't think so either but attempted telnet intrusions do occur quite > frequently on intermittent connections. For some reason or other people > are actively scanning for news servers. grep your syslog for > in.telnet.d and you might be surprised. No telnet attempts, but I did find a couple of cases where people from sites I didn't recognize had in fact connected to my leafnode server. (I had actually poked around /var/log for evidence of tampering earlier, but wasn't sure which files to check.) So how do I stop this? I added a "leafnode: ALL" line to hosts.deny and "leafnode: LOCAL" to hosts.allow... should that do the trick? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
