|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
LeRoy Cressy said:
<snip>
> for instance:
> ftp, http, mail, https, ssh, and etc are the ones that you could have
<snip>
> Jan 26 08:07:34 friendly kernel: Dropped Internet IN=eth0 OUT=
> MAC=00:40:05:3a:33:a5:00:02:3b:00:3d:c3:08:00 SRC=80.55.130.78
> DST=66.92.109.218 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=55479
> DF PROTO=TCP SPT=1355 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
This is an incoming https connection (port 443), right. Why was it
blocked, if you allow https into your web server?
> I think that the port 1434 was the MS SQL worm this weekend. These are
Correct.
--
PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Member, LEAF Project <http://leaf.sourceforge.net> AIM: MikeLeone
Public Key - <http://www.mike-leone.com/~turgon/turgon-public-key.asc>
Registered Linux user# 201348
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|