Eeek. Refusal to access my web site under Apache.

[voidmain]

quote:Originally posted by bazoukas [The F*en Linux Militant]:
I just signed your guestbook. Prety damn fast man.

*note: VoidMan. I didnt know the link I entered was an actual web site. Am sorry dude.      

Sorry about what? Did you want me to delete/change your guestbook entry?

Side note, it's pretty funny, 2 seconds after I put the link up I was being scanned for IIS sploits.  

[ November 27, 2002: Message edited by: void main ]

[Kintaro]

Hey voidmain, i dont think you will be but would you feel like giving a homeless man  place to put some html? Basicly i was asking for webspace, and a shell account... Please?

[voidmain]

Sorry man, can't do it for national security reasons.    What happened to www.exeleven.tk?

[Kintaro]

my last host cloesed down, theres no space left on my bigpond hosting and i hate adds!

Code: [Select]

[voidmain]

You might want to think twice...

 

quote:
2002-11-27 01:50:22  system   alert  00016   Port Scan has been detected! , From 144.139.95.190/1027 to xxx.xxx.xxx.xxx/2006, using protocol TCP (on interface untrust) occurred 1
2002-11-27 01:50:16  system   alert  00016   Port Scan has been detected! , From 144.139.95.190/1027 to xxx.xxx.xxx.xxx/13721, using protocol TCP (on interface untrust) occurred
2002-11-27 01:47:57  system   alert  00016   Port Scan has been detected! , From 144.139.95.190/1027 to xxx.xxx.xxx.xxx/906, using protocol TCP (on interface untrust) occurred 1
2002-11-27 01:47:34  system   alert  00016   Port scan has been detected! , From 144.139.95.190/1025 to xxx.xxx.xxx.xxx/2028, using protocol TCP (on interface untrust)
2002-11-27 01:47:34  system   alert  00016   Port Scan has been detected! , From 144.139.95.190/1025 to xxx.xxx.xxx.xxx/4008, using protocol TCP (on interface untrust) occurred 1
2002-11-27 01:47:14  system   alert  00016   Port Scan has been detected! , From 144.139.95.190/1025 to xxx.xxx.xxx.xxx/1059, using protocol TCP (on interface untrust) occurred 1

[ November 27, 2002: Message edited by: void main ]

[Kintaro]

Cool, where do you find those logs, and your box is pretty secure.

[voidmain]

Again, I can't tell you for national security reasons.    You only hit port 80 on the web server. Actually I got that off my outer firewall (which isn't correctly identified in your scan). Your port scan was automatically detected and emailed to someone else.

[Kintaro]

I ment those logs on my computer.

[voidmain]

Just what I said, I pulled them off of my outer firewall, the one that your scan incorrectly identified. I didn't hack into your computer and get them if that's what you are thinking. That would be illegal.

[ November 27, 2002: Message edited by: void main ]

[Kintaro]

No i was wondering where i would get logs that i could use to see if people where "h4x0ring my p4nts".

[voidmain]

Well, if you don't have a hardware firewall you would pull them from your software firewall if you have it set up to log. If you are using iptables you can have it log usually to /var/log/secure, see "man iptables". And of course you could get some other utilities like snort/acid, portsentry, etc.

[ November 27, 2002: Message edited by: void main ]

[Kintaro]

cool ill be looking.

[LorKorub]

You can snort acid?

Wow....you learn all kinds of new things everyday...

[Calum]

so long as it gets a chance to seep into your body by osmosis, you can take acid in any way at all!

[Master of Reality]

hey exeleven mice try last week with your tcp and udp port scans of my computer that got you blocked (i love portsentry). But of course i found that you have a dynamic IP so you arent really blocked anymore.

[edit... i didnt read the second page]

[ November 29, 2002: Message edited by: The Master of Reality / B0B ]