>
> Why do we all have to look stupid (myself included) and say "what if" when
> we can just do it.
>
> fubar:~$ telnet pm1
> Trying 205.229.48.10...
> Connected to pm1.fdt.net.
> Escape character is '^]'.
>
>
> ComOS - Livingston PortMaster
>
> login: !root
> Password:
> Invalid Login
>
> Jul 12 03:18:01 pm1 user: host fubar.fubar.fdt.net admin login failed
Ok... so upgrading to comos 3.5 is the answer to this problem. Cool
>
> Ok...so the PM does syslog failed !root logins....good portmaster. Sit
> portmaster....I'm running 3.5.
>
> This was mentioned just the other day. Why does the net need to reach
> your PM's at all? Why should I even know you have PM's? My PM is totally
> packet filtered from the net (except for a hole in the filter so one host
> at livingston.com can hack me...or at least upgrade ComOS and help debug
> the vanishing BRI's I used to have.) Speaking of those, I've not seen it
> happen for some time. Going from the HD cable to individuals and
> upgrading to 3.3.3 simultaneously fixed it. I've since changed
> everthing...HellSouth decided to reterm our BRI's as demux'd T1 (using
> Conklin BriteMuxes) and when they did that, I went back to using HD
> cables, and still no problems.
Hmmm... my greatest fear, without the advantage of researching this, is if
you block all packets to the portmaster are you in fact blocking your
customers access from the net? Obviously the answer to that question is
no, but at the risk of international embarrassmentm how do you set the
filter up that way?
Rob
Systems Programmer "Open the doors of your stores
rob@fgi.net 24 hours a day"
morgan@springpatch.com Springpatch Mall
http://www.springpatch.com