Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-26-2008, 01:04 PM   #16
Registered: Feb 2008
Posts: 144

Original Poster
Rep: Reputation: 15

may be cause in my lan there are Windows XPs ...
Old 02-26-2008, 05:48 PM   #17
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Originally Posted by mrlinux2000
when i look at squid log i see that following : TCP_DENIED/403 1372 POST - NONE/- text/htm

is this an attack and if it is how to prevent it ??

i have fedora core 3 and using squid as proxy and i have lcoal client and using nat
Based on what you've posted here, a malicious program running on one of your Windows client boxes may be a good hypothesis for now. Is the client IP address in your squid log always the same when this happens? How frequently are you seeing these entries? Is it always trying to perform a single POST operation to the same http site?

As an aside, you really need to get your infrastructure updated. Fedora Core 3 is outdated and unsupported at this stage of the game. (Fedora is up to 8, with 9 in the works as of this writing.) When you're in a potentially hostile environment you should be running an OS that receives regular security updates.
Old 02-27-2008, 05:38 AM   #18
Registered: Feb 2008
Posts: 144

Original Poster
Rep: Reputation: 15
yes always the same ip and try that repeatdly


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Please do not attack me anasmich General 1 08-28-2007 11:48 AM
Possible Attack Jason72 Linux - Security 7 08-06-2007 06:55 PM
Does anyone see attack like this? fedora4002 Linux - Security 1 01-30-2007 05:04 PM
What to do during an attack? revenant Linux - Security 9 04-02-2004 12:18 AM
Help I am UNDER ATTACK... needamiracle Linux - Security 28 04-22-2003 12:06 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:40 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration