[1876] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Help with : telnetd[...]: ttloop: peer died: Success

daemon@ATHENA.MIT.EDU (Eagle One)
Mon Jun 15 05:19:26 1998

Date: Sun, 14 Jun 1998 13:55:27 -0700
To: linux-security@redhat.com
From: Eagle One <eagleone@inorbit.com>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com


What can cause this
	telnetd[...]: ttloop:  peer died: Success

I've had several occurrences of this entry along with connections from
somewhere where no-one should be accessing my machine (via telnet)

also around same time frame :
(from tcpdump)
	activity to a port 234 at various IP addresses 
	udp port biff unreachable 

I (a novice at *nix) believe some has been accessing my machine and using
it to hide their identity and am looking for (URLs?) for information on how
find out what this person(s?) are upto, and how they are going about it.

I have discovered that "top" no longer will display any task activity.

I use the machine as an IP forwarder for a few other machines on a small
LAN.  (IP forwarding is enabled)

The Linux was installed from the latest version of Caldera Lite ( a few
months ago) Kernel version : 2.0.33

It is connected usually 24hours a day via a dynamic IP connection using
dynip.com to provide a static address to find the machine.

Obviously I could not use dynip and most likely stop the access, but dynip
has it use for me.


tia,
Eagle One


	

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post