On Fri, 04 Jun 2004 20:20:09 +0200, "Bojan Baros" <[EMAIL PROTECTED]> wrote:
> Matthijs said: > > Jun 4 07:30:54 MyMail kernel: UDP: short packet: 24.5.180.234:10030 > > 2167/119 to 192.168.1.2:10768 > > > > I'm not really interested in what these packets are for (I guess some > > kind of worm/DoS related packets), but I'm more interested in the > > source of the packets: 24.5.180.234 is *outside* my network. > > > > This Linux machine is located behind a hardware router with build-in > > SPI firewall (Linksys WRT54G, in case you're interested). It should > > prevent unwanted packets to uninteresting ports to enter my network. > > I've just double-checked the port-forwarding section and packets to > > 10768 or 10030 are definitely NOT forwarded. > > > > Can anybody explain what is going on here? > > > > Try playing with nmap from another location. Will ask a friend to do that, in the near future... > It is common that firewalls do not block UDP packages because they are > considered harmless, since they do not establish a connection. That is, > until slammer came around. That last sentence worries me a bit. What would you advice: - Just ignore it & keep my software up to date; - Add (another) firewall to my system, especially for UDP packets; - Just add a firewall program to this Linux machine; Anyway, thanks for the explanation! -- Matthijs [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
