On Sun, 8 Nov 1998, Christoph Kukulies wrote:
> In our campus network we are increasingly observing port
> scan attacks from outer sites on port 1080 (socks).
>
> Does anyone know of any recent security hole related to this service
> on any platform (possibly linux - but I want to be prepared wrt FreeBSD).
I've noticed a spate of these lately also.
If a socks service is accessible from the outside internet then that is
itself a security issue. It's useful to anyone who wants to bounce
through your machine on the way to hacking something else. When that gets
traced you get some administrator giving you urgent calls to try to find
out where the connection is coming from.
Make sure the socks service is blocked and logged at the firewall (if you
run it) and then if you've got the time, contact the administrators
upstream (probably owners of misused socks services).
Andrew McNaughton
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message