Re: Possible firewall problem?
From: Copelandia Cyanescens (synesthesia_at_ix02x67invalid.net)
Date: 08/30/04
- Next message: KOS: "Re: PIX 501 help please!"
- Previous message: Kerodo: "Re: Possible firewall problem?"
- In reply to:(deleted message) Leythos: "Re: Possible firewall problem?"
- Next in thread: Lars M. Hansen: "Re: Possible firewall problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 29 Aug 2004 23:30:14 +0000
Leythos wrote...
>> I'm noticing an occasional entry in my firewall logs and I'm not sure if
>> it's a problem or not. I'm seeing a 40 byte TCP packet going outbound
>> from my local port 25 to a remote port (seems to change, but last one
>> was 4043). The remote IP address doesn't look familiar. Seems to be
>> just a random address somewhere. In the info column of the logs, it
>> just says TCP flags: RST ACK.
[...]
> Unless you have your email client open and running on your desktop, or a
> email status app (like a tray icon) running, there is no reason for your
> system to do an outbound port 25 connection.
>
> Outbound port 25 is representative of something sending email outbound
> to somewhere.
That's backwards. In general, email clients send mail using random ports
in the "thousand-something" range TO port 25. Traffic going out on port
25 would indicate a response to *incoming* mail. The above traffic would
indicate a "not listening" reply to someone attempting to send mail to
the poster's (probably non-existent) email daemon/host/server...
whatever you want to call it.
--
Peace is only better than war when it's not hell too. War
being hell makes sense.
-- Walker Percy
- Next message: KOS: "Re: PIX 501 help please!"
- Previous message: Kerodo: "Re: Possible firewall problem?"
- In reply to:(deleted message) Leythos: "Re: Possible firewall problem?"
- Next in thread: Lars M. Hansen: "Re: Possible firewall problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
