On Sun, 1 Jul 2012 23:26:58 +0800 lina <lina.lastn...@gmail.com> wrote:
> Hi, > > (1) What shall I do if lots of foreign address connected to my port 53 > (details see the bottom), > Not worry about it. I get a lot of attempted connections to 53, which are all completely bogus as no public DNS server has run on this IP address for at least thirteen years that I know of, and my IP address is certainly not listed anywhere as a nameserver for any of my domains. Many connections come from China... There have been a number of BIND vulnerabilities over the years, and I'm sure MS has had a similar number, and there are a few weaknesses involved theoretically with DNS. Control of a DNS server, even a private one, is a rich prize for a cracker, so it's a heavily-attacked service. > (2) ssh: Could not resolve hostname at the same time. I wouldn't see much connection there. It sounds as if something is amiss with your DNS setup, as others have said. Your local DNS server, whatever it is, should not be open to the Internet, and there really should be no link with these external connection attempts. > > (3) Seems it's initiated by iceweasle. > Mine mostly are random, but some of them have some connection with whatever my son does by way of Internet gaming. His computer is in my DMZ. If you're browsing commercial sites, you're probably accessing many other sites without your knowledge. Just about every commercial webpage now seems to include JavaScript to connect to all the social networks known to Man, as well as various Google functions and ad trackers. I run No-Script in FF/IW (there are many other script-control add-ins) to try to minimise this rubbish, but most web designers today seem incapable of displaying anything without using JavaScript. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120701220423.28729...@jretrading.com
