[HECnet] 108.31.82.9/QCOCAL
Johnny Billquist
bqt at softjar.se
Mon Jun 20 11:00:16 PDT 2016
On 2016-06-20 19:30, Brian Schenkenberger, VAXman- wrote:
> Johnny Billquist <bqt at softjar.se> writes:
>
>> On 2016-06-20 18:19, Brian Schenkenberger, VAXman- wrote:
>>> ___ _ _ _ __ __ _ _ _ _ ___ _____
>>> / __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _|
>>> \__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | |
>>> |___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_|
>>>
>>> You've allowed this node on HECnet, so I assume somebody on this list knows
>>> who runs it.
>>
>> Who runs it can always easily be found by http://mim.update.uu.se/nodedb
>>
>>> Please have it secured! It has been used in the past several
>>> days to try and break into my system(s). It is highly irresponsible to put
>>> access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and
>>> other utilities that can affect systems on the internet. A reasonable way
>>> to allow access would be to have a guest account (restricted/captive) that
>>> can be used to create other login accounts. Validate such accounts with a
>>> valid email address and other schemes that will insure that whomever is on
>>> this system can be vetted in some fashion.
>>>
>>> THANK YOU!
>>
>> I'm curious about what kind of intrusions we're talking about, and over
>> which network.
>>
>> In general, I want to keep HECnet more open than what you are suggesting
>> above, but this also requires that people act responsibly. If there is
>> abuse, I'd like to know.
>
> Well, since I have not yet put any of my systems on HECnet, it should have
> been obvious that it's via the internet.
Ah. Sorry for being dense. Thanks.
So what kind of intrusion attempts are we talking about? Essentially
your issue is that someone have a machine on the internet. Getting
access on the machine is easy, and something/someone on that machine is
trying to do something to your machine?
Johnny
More information about the Hecnet-list
mailing list