20 Jun
2016
20 Jun
'16
8 p.m.
On 2016-06-20 19:30, Brian Schenkenberger, VAXman- wrote:
Johnny Billquist <bqt at softjar.se> writes:
Ah. Sorry for being dense. Thanks.
So what kind of intrusion attempts are we talking about? Essentially
your issue is that someone have a machine on the internet. Getting
access on the machine is easy, and something/someone on that machine is
trying to do something to your machine?
Johnny
On 2016-06-20 18:19, Brian Schenkenberger,
VAXman- wrote:
Well, since I have not yet put any of my systems on HECnet, it should have
been obvious that it's via the internet. ___ _ _ _ __ __ _ _ _
_ ___ _____
/ __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _|
\__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | |
|___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_|
You've allowed this node on HECnet, so I assume somebody on this list knows
who runs it.
Who runs it can always easily be found by http://mim.update.uu.se/nodedb
Please have it secured! It has been used in the
past several
days to try and break into my system(s). It is highly irresponsible to put
access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and
other utilities that can affect systems on the internet. A reasonable way
to allow access would be to have a guest account (restricted/captive) that
can be used to create other login accounts. Validate such accounts with a
valid email address and other schemes that will insure that whomever is on
this system can be vetted in some fashion.
THANK YOU!
I'm curious about what kind of intrusions we're talking about, and over
which network.
In general, I want to keep HECnet more open than what you are suggesting
above, but this also requires that people act responsibly. If there is
abuse, I'd like to know.