[SunHELP] bsd-gw[910]: Invalid protocol request (66)
Thomas Cameron
sunhelp at sunhelp.org
Wed Apr 4 12:28:57 CDT 2001
Someone is trying to crack your systems via buffer overflow and shell
code. Notice the /bin/sh at the nonsense string.
Thomas Cameron
bruce beaudoin wrote:
>
> Hi, several hundred of these console messages (per computer) showed up
> on about half (7)
> of our Solaris2.6 & 2.7 machines last night. Not all were at the same time
> and it appears that the string echoed changes for each instance.
>
> Any ideas.
> Thanks,
> Bruce Beaudoin
>
> Apr 4 00:27:11 pic bsd-gw[9108]: Invalid protocol request (66):
> BBBXXXXXXXXXXXXXXXXXX%.72u%300$n%.106u%301$nsecurit%302$n%.1
> 92u%303$n111F1f1C]C]KMM1ECf]fE'MEEEMCCC1?A^u1FEMU/bin/sh
> Apr 4 00:27:11 pic bsd-gw[9109]: Invalid protocol request (66):
> BBBXXXXXXXXXXXXXXXXXX%.168u%300$nsecurity.%301$nsecurity%302
> $n%.192u%303$n111F1f1C]C]KMM1ECf]fE'MEEEMCCC1?A^u1FEMU/bin/sh
>
> _______________________________________________
> SunHELP maillist - SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list