Koozali.org: home of the SME Server

secure log-unknown ftp connection

alex

secure log-unknown ftp connection
« on: November 02, 2001, 04:40:19 PM »
hi,

short question:
does the "blade" update function write something like this?
=========================================================
Oct 30 19:15:52 db01 xinetd[480]: START: ftp pid=3095 from=212.216.204.100
Nov  1 18:04:14 db01 xinetd[486]: START: ftp pid=1669 from=193.251.2.70
=========================================================

thanx, alex

Rich Lafferty

Re: secure log-unknown ftp connection
« Reply #1 on: November 02, 2001, 05:34:30 PM »
The blades functionality uses outgoing ssh connections, not
incoming FTP connections. Also, those connections are from
a-na28-5.tin.it and ANantes-101-1-1-70.abo.wanadoo.fr, neither
of which is related to Mitel.

That said, it's not uncommon for "script kiddies" to scan
entire blocks of addresses looking for vulnerable systems;
it's normal to see *some* spurious connection attempts to
well-known services like FTP and HTTP.

Hope this helps,

   -Rich
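
An added example, not part of the thread: one way to tally xinetd START records like the ones quoted above by service and source address, so stray connection attempts stand apart from expected clients. The `expected` networks, the function names, and every sample line after the first two are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Matches the xinetd START records quoted in the thread (syslog has no year).
START_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ xinetd\[\d+\]: "
    r"START: (?P<service>\S+) pid=\d+ from=(?P<src>\S+)$"
)

# First two lines are from the thread; the rest are constructed sample data.
SAMPLE = [
    "Oct 30 19:15:52 db01 xinetd[480]: START: ftp pid=3095 from=212.216.204.100",
    "Nov  1 18:04:14 db01 xinetd[486]: START: ftp pid=1669 from=193.251.2.70",
    "Nov  2 03:10:01 db01 xinetd[486]: START: ftp pid=1701 from=203.0.113.5",
    "Nov  2 03:10:09 db01 xinetd[486]: START: ftp pid=1702 from=203.0.113.5",
    "Nov  2 03:10:12 db01 xinetd[486]: EXIT: ftp pid=1702 duration=3(sec)",
    "Nov  2 09:30:44 db01 xinetd[486]: START: ftp pid=1810 from=192.168.1.10",
    "Nov  2 11:02:17 db01 xinetd[486]: START: telnet pid=1822 from=::ffff:198.51.100.7",
]

def normalize(src):
    """Parse the from= value; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    addr = ipaddress.ip_address(src)
    return getattr(addr, "ipv4_mapped", None) or addr

def summarize(lines, expected=()):
    """Count START records per (service, source), skipping expected networks."""
    nets = [ipaddress.ip_network(n) for n in expected]
    seen = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    for line in lines:
        m = START_RE.match(line.strip())
        if not m:
            continue  # EXIT records and other daemons' lines
        try:
            addr = normalize(m["src"])
        except ValueError:
            continue  # from= value is not an IP address
        if any(addr in net for net in nets):
            continue  # source is inside a network the admin expects
        entry = seen[(m["service"], str(addr))]
        entry["count"] += 1
        entry["first"] = entry["first"] or m["ts"]
        entry["last"] = m["ts"]
    return dict(seen)

if __name__ == "__main__":
    for (service, src), e in summarize(SAMPLE, ["192.168.1.0/24"]).items():
        print(f"{service:8} {src:18} x{e['count']}  {e['first']} .. {e['last']}")
```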