port scans

I think that's 'echo 0 > paranoia' but yeah that's about the size of it.

Perhaps a coincidence - I mentioned the port 12200 source stuff as being a script - it's just looking for something to respond (when it does, the actual controller box will make a connection and do its thing). For just looking at an "are you alive" type response, a single computer can test a /8 (a former "Class 'A'") address range in about 17 minutes, all by itself. That limit is set by the 10 MHz bandwidth of the old style Ethernet. If it's on a 100BaseT net, it's about twice as fast.

As for the username-password stuff - be glad you aren't running a publicly visible SSH server on port 22. They get pounded trying all kinds of common usernames/passwords.

Old guy

Reply to
Moe Trin

The only service that I offer (SSH) is limited to 3 subnets - 1530 addresses in total. Cuts the noise down substantially.

It's telling you - "Apple Bonjour". You've got a Linux box running Avahi, or a Mac. I'm betting on the Linux box, so try 'locate avahi' to find the documentation.

Sam Spade is rather clueless.

Old guy

Reply to
Moe Trin
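An added example, not part of the original posts: one way to see the effect described above (password guessing against a visible SSH server, and an allowlist of three subnets cutting the noise) is to tally failed logins per source from sshd log lines and check each source against the allowlist. The subnets, log lines and function names are constructed for illustration; the subnet sizes are an assumption chosen so that the usable host count comes to the 1530 mentioned in the post.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Hypothetical allowlist (the thread does not give the real subnets); sized so
# the usable host count matches the 1530 mentioned in the post.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in
                ("10.20.0.0/22", "192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample lines in the OpenSSH sshd syslog format.
SAMPLE_LOG = """\
Feb 15 23:41:02 host sshd[811]: Failed password for invalid user admin from 203.0.113.9 port 40122 ssh2
Feb 15 23:41:05 host sshd[811]: Failed password for invalid user test from 203.0.113.9 port 40130 ssh2
Feb 15 23:41:09 host sshd[811]: Failed password for root from 203.0.113.9 port 40151 ssh2
Feb 15 23:44:40 host sshd[812]: Failed password for rick from 10.20.1.15 port 51514 ssh2
Feb 15 23:44:52 host sshd[812]: Accepted password for rick from 10.20.1.15 port 51514 ssh2
Feb 15 23:50:17 host sshd[815]: Failed password for invalid user oracle from 2001:db8::bad port 2201 ssh2
"""

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def usable_hosts(nets):
    """Host addresses in the allowlist, excluding network/broadcast per subnet."""
    return sum(n.num_addresses - 2 for n in nets)

def is_allowed(addr, nets=ALLOWED_NETS):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in nets)

def summarize(log_text, threshold=3):
    """Return (sources outside the allowlist, sources at/over the failure threshold)."""
    fails, users = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, src = m.groups()
            fails[src] += 1
            users[src].add(user)
    outside = sorted(s for s in fails if not is_allowed(s))
    noisy = {s: sorted(users[s]) for s, c in fails.items() if c >= threshold}
    return outside, noisy

if __name__ == "__main__":
    outside, noisy = summarize(SAMPLE_LOG)
    print("usable allowlisted hosts:", usable_hosts(ALLOWED_NETS))
    print("failed logins from outside the allowlist:", outside)
    print("sources with repeated failures:", noisy)
```

Sources listed as outside the allowlist would never reach the login prompt once the restriction is enforced at the firewall or in the sshd configuration, which is why the log noise drops.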

So moving to sftp would not help - is that what you're saying?

Reply to
Rick

Depends on what you are doing with FTP. There are tens of thousands of FTP sites on the Internet that allow anonymous downloads. I don't do windoze, but for Linux, you should be aware of places like ibiblio.org (the former sunsite.unc.edu, which was renamed metalab.unc.edu before its current rename), 'distro.ibiblio.org' and the site specific to your Linux distribution. These sites are giving software/files away, and all you need is the username ('ftp' or 'anonymous') and your email address as password. Nothing to hide or secure, so FTP is fine.

Other sites restrict access to specific users, and may even allow uploads. For this, FTP is less suitable, primarily because the username and password go over the net as clear text - visible to anyone using a packet sniffer. 'sftp', or a similar protocol using encrypted networking, is a more robust solution.

Still other sites have even tighter restrictions. For that, one-time authentication methods (often involving security tokens like SecurID (Security Dynamics Co - now rsa.com) or CryptoCard (cryptocard.com) or similar) are more desirable.

It's a bit dated, but see "Practical UNIX and Internet Security, Third Edition" by Garfinkel, Spafford, and Schwartz (O'Reilly and Associates, ISBN 0-596-00323-4, 984 pgs, Feb. 2003, US$55).

Old guy

Reply to
Moe Trin

Already addressed. Bad idea.

2/15/2010 23:50 UTC

    TOTAL IPv4 3006793288 addresses 100341 networks
    TOTAL IPv6 11064.336853 x 10e30 addresses 4377 networks

The _smallest_ IPv6 assignments are four /64s (in the UK, Hong Kong, Japan and Korea), and each one contains 18,446,744,073,709,551,616 (18.45e18) addresses - about 4.3 billion times all of IPv4 space. The next larger assignments/allocations are 676 /48s which are 65536 times larger.

Old guy

Reply to
Moe Trin

Thanks for the info and the reference.

It's clear from logs that they do not know my ftp server is "anonymous" but requires any email address in the field! So they keep trying to find the above. So I conclude that they do not really know much about it. And it has no classified info, ever, so my concern is strictly theoretical.

Reply to
Rick

Even the second edition (April 1996, ISBN 1-56592-148-8 1004 pgs) is good reading and mainly still valid if you find a copy in a used book store or library. Another good reading source is the HOWTOs from the Linux Documentation Project. These used to be part of every install (now put in /usr/share/HOWTO). If you're in North America, try ftp://ibiblio.org/pub/linux/docs/HOWTO/ (also available as http://) or

formatting link
There are 450+ documents (~3.9 million words, ~11,700 pages) there alone - start with

    280957 Jan 19 14:15 HOWTO-INDEX
    136805 Jan 19 14:15 INDEX

which gives brief descriptions of each one. Another site to look at is

formatting link
which has a number of other howtos relating to firewall techniques using Linux. And yet another site is
formatting link
which has 47 entire books available in several formats from raw ASCII, HTML and printer ready PDFs or postscripts. An example is:

  • Securing & Optimizing Linux: The Ultimate Solution
    version: 2.0
    author: Gerhard Mourani, last update: July 2002
    available formats:
      1. PDF (6.2MB)
      2. Example server configuration files (tar file; described in book as "floppy.tgz").
    Mastering security with Linux and getting the maximum out of your system have never been easier. Securing & Optimizing Linux: The Ultimate Solution (v2.0) has been written and achieved with tightening security to an incomparable level in mind. One of its main features is the easy path from beginning to end in a smooth manner, step by step for beginners as well as for experts.
    More information (and updates) available from:
    formatting link
    older version: Securing and Optimizing Linux Red Hat Edition - A Hands on Guide
    version: 1.3
    author: Gerhard Mourani, last update: August 2000
    available formats:
      1. HTML (read online)
      2. HTML (tarred and gzipped package, 1.5MB)
      3. PDF (4.9MB)
      4. Example server configuration files (tar file; described in book as "floppy.tgz").

All of this is free for your download.

1635 How to Use Anonymous FTP. P. Deutsch, A. Emtage, A. Marine. May 1994. (Format: TXT=27258 bytes) (Also FYI0024) (Status: INFORMATIONAL)

Makes you wonder, doesn't it. RFC1635 has been around for 16 years, but they're sure you've got the good stuff hidden there, and they have to work to find it. ;-)

Old guy

Reply to
Moe Trin
