At 12:55 PM 12/1/00 -0800, Carson, Chuck wrote:
>
>I have recently had some RH7 boxes on my network hacked via a brute force
>thru the lpd service. Does anyone know if there is a fix for this?
This may be a simplistic answer, but why not filter out packets headed for
your ldp service if they come from untrusted hosts (see "man ipchains")?
Heck, do this for all insecure services. The best way to do this is
probably to have your machines behind a firewall/router which filters out
suspicious traffic, failing that (if you're worried about people on the
same ethernet segment cracking your systems) I'd suggest installing a basic
set of filters and some traffic analysis tools (at the least a good
portscan detector, e.g. Portsentry from psionic.com) on every vulnerable
machine. It won't be perfect, but it will generally protect you from the
script kiddies hitting a single known exploit again and again; even if you
personally don't know of the "known" exploit.
--
Who is this General Failure, and why is he reading my hard disk?
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
