[ILUG] Strange firewall log enteries [?hacking attempts]
Conor Daly
conor.daly at oceanfree.net
Tue May 11 23:16:35 IST 2004
On Tue, May 11, 2004 at 06:40:34PM +0100 or so it is rumoured hereabouts,
Timothy Murphy thought:
> On Tuesday 11 May 2004 14:10, Dermot McGahon wrote:
>
> > > Is there a tutorial for the simple-minded anywhere
> > > on how to check one's firewall?
> >
> > Nessus was a good suggestion. nmap it from a machine
> > outside of your network is another to see what services
> > are running on which ports.
>
> Thanks, I'm looking at Nessus now --
> it seems more or less what I want.
>
> > > Final question: why did I put
> > > ==================================
> > > $IPTABLES -A INPUT -p tcp --sport 6881:6999 -j ACCEPT
> > > $IPTABLES -A INPUT -p tcp --dport 6881:6999 -j ACCEPT
> > > ==================================
> > > in my rc.local ?
> >
> > Bittorrent.
>
> I remember now, I started to download Fedora-1 with BitTorrent,
> but then decided it might annoy Sir Anthony O'Reilly if I continued,
> so turned to a straight download.
> I've removed these strange lines from my rc.local .
Now, remember how somebody said there were iptables save routines in use
in RH/fedora? It's possible that these rules have been saved and will
still show up even though they're gone from rc.local. What you do to get
rid of them in that case, I don't know...
Conor
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
11:26pm up 201 days, 15:34, 0 users, load average: 0.00, 0.00, 0.00
Hobbiton.cod.ie
11:14pm up 50 days, 2:42, 1 user, load average: 0.16, 0.08, 0.03
More information about the ILUG
mailing list