Attacks on my Sun Workstation at Home

[Previous Page] [Contents] [Next Page] [Next Chapter]

*This workstation is connected via a DSL line to the Internet and runs no services with the exception of sshd (secure shell daemon), SMTP (mail service), and Ident (RFC 1413).
 
*9 minutes after connecting my workstation to the Internet, I observed the first attack (on my non-existing FTP server).
 
*There is no firewall provided by the ISP, i.e. all attacks come unfiltered to my workstation.
 
*In the last month I observed 1532 attacks:

FTP service65 attacks / probes
ssh daemon7 attacks
Name service34 attacks on the UDP port,

868 on the TCP port
HTTP service156 attacks / probes
NNTP service281 probes
Printer service14 attacks
dtspcd2 attacks

 

*The attacks came from 402 different IP addresses. The largest number of entries in the logs (56 in total, and all on the HTTP port) came from another dialin provider in Rochester. The second-largest number (50 in total, and all on the UDP tcp port) came from a Swedish company (most likely a machine which is ``owned'' by some intruder).
 

[Previous Page] [Contents] [Next Page] [Next Chapter]
Copyright © 2001, 2002 Andreas Borchert, converted to HTML on April 07, 2002