Re: block CodeRed/Nimda at the firewall?

From: nobodaddy (nobodaddyNO_at_SPAMinbox.lv)
Date: 05/13/03


Date: Tue, 13 May 2003 19:28:30 GMT

Kasper Dupont wrote:

> nobodaddy wrote:
>> ... I just discovered the "multiport"
>> module in iptables, seems like it'd be handy for these types of things
>> (obvious attacks).
>
> I don't know how much difference it really makes
> when I just have wo port numbers.

Yeah, I was thinking more in terms of a whole truckload of the most common
trojan ports, not necessarily those two. However, I agree; for me it's
"1434" and "17300" all day long; not worth the attention. Besides, a
couple of months from now, it'll be something else... why bother?

-- 
The other day a dog peed on me.  A bad sign.
- H.L. Mencken