| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] suspicious behavior
Hi all,
We have Firewall-1 3.0b on Solaris 2.6 it stands between our secured
internal network ip's are (x.x.x.x) which are class A addreses and the
external ip's ( y.y.y.y ) which are class C real IP addresses and of
course the Internet . all the outside world and including all our real IPs
that are outside the firewall machine are not allowed to telnet into any
of the internal hosts x.x.x.x and of course the firewall machine itself.
today i noticed a strange suspicious behavior when I am logged on any host
with a real ip y.y.y.y i noticed :
1) when trying to log into the firewall machine ( using telnet ) it gives:
connect to address ( firewall address ) : connection refused
then connected to hostname.ourdomain
Escape character is '^]'.
(tntx.chiega) Enter password:
where is x is the internal ip of the firewall machine
2) when trying to log into any of the internal ips ( using telnet ) it
gives
Trying x.x.x.x
Connected to x.x.x.x
Escape character is '^]'.
(tntx.chiega) Enter password:
I dont know how this happens and what tntx.chiega means , that
make me confused and suspicious. I will highly appreciate any comments or
clarifications
best regards
-------------------------------------------------------------------------
Raed Al-Zou'bi
Systems Engineer
Computer Center
Jordan University of Science and Technology
P.O. Box 3030 - 22110
Irbid - Jordan
Phone : 962 2 7095111 ext. 23365
Mobile: 962 79 601339
Fax : 962 2 7095011
--------------------------------------------------------------------------
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
