[CLUE-Talk] Quick firewall question
Dave Hahn
dhahn at techangle.com
Wed Jan 29 09:06:21 MST 2003
Try 'netstat -apn' . That will tell you which processes are connected
to those ports. You can decide from there if you need those ports and
processes or not.
Your firewall shouldn't really have any ports open unless you are
sending those ports through DNAT to a machine behind the firewall.
If you need ports open, try to restrict, with iptables, who can access
those ports.
-d
On Wed, 2003-01-29 at 08:56, Don Collier wrote:
> Hello all. I have a real quick firewall question. I have seen
> several hits on my firewall on about 5 separate ports. The repetition
> of this looks almost virus like on their part.
>
> The attempts try to get access to ports 3128 6588 80 8080 and 1080.
> The attempts also come from several different addresses.
>
> My computer is connected directly to the WAN with no LAN link at all.
> Only one nic. Running RH 7.3 (fully patched) with iptables fw.
--
Dave Hahn <dhahn at techangle.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue-talk/attachments/20030129/b88e33af/attachment.html
More information about the clue-talk
mailing list