On Wed, 2005-08-03 at 01:21 +0200, Alexander Dalloz wrote: > Am Mi, den 03.08.2005 schrieb Ted Kaczmarek um 1:14: > > On Wed, 2005-08-03 at 00:32 +0200, Alexander Dalloz wrote: > > > Am Di, den 02.08.2005 schrieb Aleksandar Milivojevic um 23:06: > > > > > > > Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon, > > > > used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar > > > > probes before. Some new vaulnerability that script kiddies (and pro crackers) > > > > are trying out, or is this some old stuff? I do remember there were some > > > > security problems with racoon in the past (that were fixed in current CentOS > > > > ipsec-tools packages), but don't remember reading anywhere there were any > > > > automated tools to exploit it floating around. Or are there some new flaws > > > > discovered recently in some IKE implementations? > > > > > > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc > > > > > > Alexander > > > > > What relevance to Centos 4.1 does this have? > > > > Ted > > Do script kids in first instance care for the OS of the target host when > they run scripts? My reply was meant as a possible return to the part " > Some new vaulnerability that script kiddies (and pro crackers) re trying > out, or is this some old stuff?". > > Alexander > Loud and clear :-) Ted