Re: Bizarre connections from and to a FC7 unattended

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: Bizarre connections from and to a FC7 unattended
From: Thomas TS <ttsoares@xxxxxxxxxxxxxxx>
Date: Tue, 24 Jul 2007 21:42:22 -0300
In-reply-to: <20070723125905.42c7c71f@xxxxxxxxxxxxxxxxxxxxx>
References: <1185185123.3046.8.camel@xxxxxxxxxxxxxxxx> <46A4EB1F.5080003@xxxxxxxxxxxxxxx> <20070723125905.42c7c71f@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: Thunderbird 2.0.0.0 (X11/20070326)

stan wrote:

It is possible, depending on how you are logging the TCP packets
that you are seeing failed attempts rather than actual connections.

...

Then run it with the fresh copy to see if it finds any infestations.
Not perfect, but should catch crackers that aren't skilled.

This is a brand new install.
Never was exposed to the Internet directly, always behind a NAT.

Yum auto-update is running and working fine.

What i can not accept is a huge UPload from this system to one of thosesuspect IPs, from a process not started by me !!!

Follow-Ups:
- Re: Bizarre connections from and to a FC7 unattended
  - From: Michael Schwendt

References:
- Searching kernel-headers / kernel-devel 2.6.21-1.3228.fc7 Packages
  - From: Schlueri
- Bizarre connections from and to a FC7 unattended
  - From: Thomas TS
- Re: Bizarre connections from and to a FC7 unattended
  - From: stan