What can be done about this ?

> I believe a hacker is "port scanning" you.
>
> Various hacker tools are available to scan a remote system and report on the
> available TCP or UDP services.  These tools start off by sending the bare
> minimal packets needed to determine whether or not something is listening
> to a given port, and then break the connection short of establishing the
> full-blown protocol.
>
> So what happens on a 3K is just enough to get JINETD to attempt to spawn a
> telnet session when the tool probes port 23.  But the tool quickly breaks off
> the connection, resulting in the console messages you see.
>
> I see the same thing on my porting machine a couple of times per month.
>  First
> telnet console messages, then some BIND/iX messages as the hacker ascends up
> to port 53.

--------------------------------------------------------------------
David Burney                       Summit Racing Equipment
[log in to unmask]              330.630.0270  x. 221
                                       ------
"It's a sign of the times when your spell checker
doesn't flag profanity."   -DB
                                       ------
  All opinions expressed herein are my own and reflect,
               in no way, those of my employer.
---------------------------------------------------------------------


> --
> Mark Bixby                      E-mail: [log in to unmask]
> Coast Community College Dist.   Web: http://www.cccd.edu/~markb/
> District Information Services   1370 Adams Ave, Costa Mesa, CA, USA 92626-5429
>
> Technical Support               Voice: +1 714 438-4647
> "You can tune a file system, but you can't tune a fish." - tunefs(1M)