This is a discussion on Help with my LIDS within the Linux Security forums, part of the System Security and Security Related category.
Hi,

I consider myself an old dude here. I am having a problem with LIDS indicating a portscan. It's normal, but why these messages:

LIDS: killall5 (dev 3:1 inode 23497) pid 14278 ppid 14274 uid/gid (0/0) on (null tty) : Port scan detected: 66.230.239.174 scanned 31 closed ports including 0 ports < 1024)

Why is killall5 making a with portscanning from other hosts.. As far as I knew, all ports are blocked in my firewall rule tables. Any experience with this, please help me out! I am hosting a public shell, I am confident it is hacked then attempted.. am I?

thanks,
jsuthan

To make this look even worse.. here is more:

LIDS: soffice.bin (dev 3:1 inode 246619) pid 16520 ppid 1 uid/gid (1000/104) on (null tty) : Port scan detected: 202.188.0.133 scanned 18 closed ports including 0 ports < 1024)
LIDS: soffice.bin (dev 3:1 inode 246619) pid 16520 ppid 1 uid/gid (1000/104) on (null tty) : Port scan detected: 202.188.0.133 scanned 14 closed ports including 0 ports < 1024) - logging disabled for (60)s
LIDS: soffice.bin (dev 3:1 inode 246619) pid 16520 ppid 1 uid/gid (1000/104) on (null tty) : Port scan detected: 216.239.115.140 scanned 17 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 69.196.146.116 scanned 19 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 64.33.79.227 scanned 11 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 66.230.239.174 scanned 19 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 66.230.239.174 scanned 25 closed ports including 0 ports < 1024) - logging disabled for (60)s
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 66.230.239.174 scanned 33 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 202.157.185.75 scanned 21 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 18902 ppid 17498 uid/gid (0/0) on (null tty) : Port scan detected: 202.188.0.133 scanned 13 closed ports including 0 ports < 1024)
LIDS: afio (dev 3:1 inode 17394) pid 17498 ppid 17485 uid/gid (0/0) on (null tty) : Port scan detected: 202.188.0.133 scanned 18 closed ports including 0 ports < 1024) - logging disabled for (60)s
LIDS: gzip (dev 3:1 inode 45) pid 28020 ppid 17498 uid/gid (0/0) on (null tty) : Port scan detected: 202.188.0.133 scanned 14 closed ports including 0 ports < 1024)
LIDS: gzip (dev 3:1 inode 45) pid 28020 ppid 17498 uid/gid (0/0) on (null tty) : Port scan detected: 202.188.0.133 scanned 11 closed ports including 0 ports < 1024) - logging disabled for (60)s
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 69.56.151.17 scanned 12 closed ports including 0 ports < 1024)
LIDS: (undetermined program) pid 0 ppid 0 uid/gid (0/0) on (null tty) : Port scan detected: 69.56.151.17 scanned 13 closed ports including 0 ports < 1024)

Why?