Re: 'nother IPFW question

From: Matt Dillon (dillon@earth.backplane.com)
Date: 05/25/01 

Date: Fri, 25 May 2001 12:20:06 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
To: "tjk@tksoft.com" <tjk@tksoft.com>, memphis_ms@gmx.net (Raoul Schroeder), David Taylor <davidt@yadt.co.uk>

    Whup! Not pop. Auth. It's probably sendmail. In anycase, not anything
    that generally needs to be worried about.

    I usually do not run identd, but I usually do allow the service
    through the firewall so the server not running it can respond with a
    TCP reset. Otherwise remote sendmails using auth will stall trying
    to send email to you for ~30 seconds. Alternatively the firewall can
    be programmed to return an ICMP error itself, but I try to avoid
    having the firewall do actual work to make it more resistent to DOS
    attacks.

                                                -Matt

:> :only learning about securing my box, and it is hard to find all the info
:> :I need.
:> :
:> :Thank you so much,
:> :
:> :Raoul
:>=20
:> Sounds like one of your users simply ran a pop based mail program.
:>=20
:
:Wrong port, I think :)
:
:POP is 110.
:
:113 is auth.
:
:Sounds like someone on a remote server connected to some port on your box,
:which tried to perform an ident lookup...
:
:As for what is 'sending on port 1119', ports which are used on the local end
:of outgoing connections are essentially random, and are allocated by the
:kernel when you try to create an outgoing connection.
:
:--=20
:David Taylor
:davidt@yadt.co.uk

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: How to Maintain an IIS Server?
    ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: CEICW fails at firewall config
    ... ISA Server prevents connection to a remote desktop when you connect through ... Remote Web Workplace on a Windows Small Business Server 2003-based computer ... Acceleration Server as a firewall. ... connection uses TCP port 4125. ...
    (microsoft.public.windows.server.sbs)
  • Re: How to Maintain an IIS Server?
    ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Activesync / Airsync - Alternative Ports
    ... Setup a reverse HTTP proxy. ... Another idea is to use the PPTP capabilities of a Windows Server to allow ... Satellite - Cisco Firewall - Exchange Server ... So on the server side you would configure the port 80 to redirect to ...
    (microsoft.public.pocketpc.activesync)
  • Re: Activesync / Airsync - Alternative Ports
    ... "Chris De Herrera" wrote: ... Another idea is to use the PPTP capabilities of a Windows Server to allow ... Satellite - Cisco Firewall - Exchange Server ... So on the server side you would configure the port 80 to redirect to 8888 ...
    (microsoft.public.pocketpc.activesync)