[CLUG] So, you think you're safe?
Collins_Paul at emc.com
Collins_Paul at emc.com
Mon Apr 3 09:52:08 IST 2000
> From: Donncha O Caoimh [mailto:donncha.ocaoimh at tradesignals.com]
>
> I wrote a small article on Portsentry, it's available at
> http://cork.linux.ie/articles/safe.php3
I set up ipchains on my box at home when I found two telnet attempts in my
log files. I've seen a few connect attempts, mostly to port 119 (ident, I
think), from a machine that appears to be an Exchange server. Freaky.
Does PortSentry offer anything above and beyond plain ipchains in terms of
protection (obviously ipchains won't send you mail if there someone attempts
to connect to you)?
The stuff I have done is udp and tcp ports 0-1023 and 6000-6010 set to DENY;
is there anything else I should be doing? (I'm thinking about suppressing
ping replies.)
Paul.
More information about the Cork
mailing list