Mostly harmless (corto) wrote,
Mostly harmless
corto

  • Mood:

LINUX problem

Is there a linux community?
:
member my hacked server? well I locked it up, tight as a drum (ipchains) and secured it in other ways, and things were fine. Sendmail was always functioning but mail client connections from the "internal" network were being refused... that was the tip-off. That was repaired and all was well... AFTER the lock down.
Mail, telnet, and ftp were all good-to-go for a week... then BANG. Mail clients cannot connect. Telnet connections are "refuesed" as are ftp sessions - from the internal network!!!

I can't even telnet to the server hostname from the fricking console! Log in as root telnet hostname "connection refused..."

- I've checked /etc/inetd.conf (it's fine),
- hosts.deny and allow are blank,
- ipchains rules do not exclude internal network connections (i'm going back to the console to re-verify the rules one at a time!!!)
- root password is being changed every 24 hours
- the 'secure' log is fine... nothing odd...
remember the problem just appeared... I have no event I can point to ... so I was thinking hackers but I cant see where they got in... although if they did come in through named (it's a dns server! as well as a sendmail host) what the hell did they do? to make the system refuse telnet sessions from the inside. ???
Subscribe

  • shiver

    You know that shiver you get through your shoulder blades and down your back when you feel cold. Maybe you’ve just left the restaurant and you’re…

  • selfie

    as I read and read and read about "Selfies"... I quietly say to myself... "um... yeah, tell me again how selfies are a new thing." lol. :)

  • Monday, February 17, 2014

    Hiya. :) Today was one of those “oh look… LJ is still there” days. Oh how I miss the old days when LJ was pretty much a playground filled with my…

  • Post a new comment

    Error

    default userpic

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 3 comments