[plug] new CUPS exploit or an old one?
Russell Steicke
r.steicke at bom.gov.au
Mon May 16 11:50:00 WST 2005
On Mon, May 16, 2005 at 11:43:12AM +0800, Mark Dixon wrote:
...
> So, what I suggest now is that you check your logs to see what IP
> address you were using at the time of the exploit. If it shows that you
> were allocated 203.129.128.88 by EfTel at that time then mystery solved,
> the "exploit" was actually a log of activity within your own machine (or
> LAN). If you were on a different IP number at that time, then
> contacting EfTel with a report of the access would do no harm and might
> result in a warning being issued to another EfTel customer that was
> "poking around" a bit to agressively.
It could also be that someone quite innocently mis-tpyed an address in
a CUPS configuration on their own network. If that was the only
occasion, I'd file it and forget it.
--
Russell Steicke
-- Fortune says:
PENGUINICITY!!
More information about the plug
mailing list