On Mon, 2001-11-26 at 17:48, Joe M Mar wrote: > At 04:08 PM 11/26/01 -0600, you wrote: > > The output is: > tcp 0 0 *:smtp *:* > LISTEN 263/inetd > The difference is 'LISTEN 263 as opposed to what you said LISTEN 19551. > Anything wrong with my output?
Nope thats the pid of inetd listening to the port. It appears you are set up to receive mail on your machine directly. Does cat /var/log/daemon |grep refuse show anything usefull about exim refusing requests to connect? For instance my machine loves people from france trying to get to my ftp daemon, I get like 20 of these a week, 70-80% from france. Nov 25 15:51:55 richese proftpd[7332]: refused connect from AAmiens-101-1-4-7.abo.wanadoo.fr Nov 26 00:51:32 richese proftpd[10137]: refused connect from APlessis-Bouchard-101-1-5-213.abo.wanadoo.fr As an aside, people blindly searching for things like this annoy me so I set my tcpd to modify my ipchains rules to immediately deny all incoming packets from anyone foolish enough to scan. This is in addition to a good set of ipchains rules. A line in hosts.deny like follows will block people like this ALL: ALL: spawn (/sbin/ipchains -I input -y -s %a -j DENY -l -p tcp) Just be SURE to modify your hosts.allow rules for your hosts and services. That and check your firewall rules now and again to clean them out. --mike
