rpc.statd odd log entry... invalid hostname?

Dan Nelson dnelson at allantgroup.com
Thu May 8 09:20:28 PDT 2003

In the last episode (May 08), Dave [Hawk-Systems] said:
> noticed the following during a log audit...  anything to worry about?
> May  7 00:20:29 isp2 rpc.statd: invalid hostname to sm_stat:
> ^X÷ÿ¿^X÷ÿ¿^Y÷ÿ¿^Y÷ÿ¿^Z÷ÿ¿^Z÷ÿ¿^[÷ÿ¿^[÷ÿ¿%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%137x%
> n%10x%n%192x%nM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-

Looks like an attempt to exploit
http://www.cert.org/advisories/CA-2000-17.html .  FreeBSD was never

	Dan Nelson
	dnelson at allantgroup.com

More information about the freebsd-questions mailing list