[lug] @home... a partial ammendment..

John Starkey jstarkey at ajstarkey.com
Fri Aug 11 08:32:18 MDT 2000


> That 'No Services' issue is very easy to get around. @Home runs a port
> scanner and scans all the machines on it's network once every day or so
> looking for folks breaking 'the rules'.

Ok... So the ARE scanning. My problem or what I blame on them was still
wrong according to what you say. What really led me to that conclusion was
that I went a whole weekend with totally smooth runnings then on Monday
all the sudden I couldn't ftp over 500K without losing all @home,
including on my iMac. So it seemed that maybe their scanner was in alpha
and they weren't ready to run it 24-7 so they ran it on business days
while the big guys were in the office. But regardless if my theory was
correct they would have to catch me with in a few minutes each time. 

You know it's funny that I'm even using the word "catch". I'm trying to
download Enhydra and Oracle for pro use but I'm not allowing anyone use of
my services. 

> Using something like port sentry on your machine will detect their scan
> and modify your ipchains rules to deny packets to them. This makes you
> invisible to them. They can't scan you to see what services you're
> running. 

So for a newbie is port sentry gonna be a weekend project or is it pretty
simple. I was just blown away at how relatively easy Kernel compiles are.
Impressed with how far I've come in 10 months (so something's bound to go
wrong real soon) :}

Where can I find it?

> As an FYI @Home is a haven for script kiddies, after installing
> portsentry and iplog, I see port scans and attempts to crack about 30
> times a day. There's someone out there that has been sending packets at
> my box about 2 times a second on UDP 1015 for 5 weeks now. Contacting
> @home to have him blocked at the router level got me nowhere.

I've checked all my logs and haven't found any noticable activity. Is
there any special set-up you recommend (for picking up activity).
Because.... even though I think the recompile stopped the @home
problems... I did strengthen my firewall thanks to one really helpful
member of this list. But I didn't actually restart at the time. And only
did so once I re-compiled. Maybe the firewall changes didn't actually kick
in, because of my own ignorance, until I rebooted. And my ftp problems
were coming from a hack. I still can't upload more than 10kbps from my
mac.

TIA,

John

> -- 
>  Jeff Howell
>  EDS Unix Support
>  
>   Linux Slackware: The Ultimate NT Service Pack
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 





More information about the LUG mailing list