Re: nmap 113/auth on shorewall
- From: "Stachu 'Dozzie' K." <dozzie@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 17 Jun 2006 11:50:05 +0000 (UTC)
On 17.06.2006, dshesnicky@xxxxxxxxx <dshesnicky@xxxxxxxxx> wrote:
I didn't ask if you use any service from firewall. I asked if you use
IRC or FTP _anywhere_.
Someone could be using either from inside the company
through the firewall - why? I understand why your asking
No, you don't. FTP and IRC (often) use ident protocol to determine the
username on remote machine of connecting user (that is, on user's
machine). Try guess how long would be delay if you DROP packets and if
you REJECT them.
Every "how to build my first firewall" document teaches that.
but if it needs to be on I should see it in my configs. What
bothers me is that it shouldn't even be there, it makes me
wonder about shorewall to some extent.
I think what I will do is put a specific DROP rule on it to
if it changes anything.
--
Feel free to correct my English
Stanislaw Klekot
.
- Follow-Ups:
- Re: nmap 113/auth on shorewall
- From: Some Dude
- Re: nmap 113/auth on shorewall
- References:
- nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Moe Trin
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Stachu 'Dozzie' K.
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Stachu 'Dozzie' K.
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- nmap 113/auth on shorewall
- Prev by Date: Re: Is a terminal running as root a security risk?
- Next by Date: Re: Is a terminal running as root a security risk?
- Previous by thread: Re: nmap 113/auth on shorewall
- Next by thread: Re: nmap 113/auth on shorewall
- Index(es):
Relevant Pages
|
