[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Mailscanner for RAQ3/4 pkg available
- Subject: Re: [cobalt-users] Mailscanner for RAQ3/4 pkg available
- From: "Webmaster : Beyond2K" <Hostmaster@xxxxxxxxxxxxxx>
- Date: Thu Jul 18 07:41:00 2002
- Organization: Beyond2K
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> I am assuming you have a firewall script, if not I can let you have a copy
> of mine to amend.
I do but it's an old one - I would be grateful if you would forward me yours. We use raq3's and raq4's so if there is a different
one for them please forward both. If you have a script which blocks everything except the standard web / email / ssh ports that
would be great. I think mine already covers it but I have no real clue how to resolve the syslogd problem.
I could understand if it was the samba on my servers trying outbound but why should others "need" to touch our boxes? Maybe it's my
severe lack of knowledge in the samba department here but the archives have been little help. As far as I can see samba is a multi
platform file and print sharing system? Which as far as I know I don't use? Are there any side effects of me blocking those ports
completely considering only I access them and all my host is required to do is push the reset button if I ask?
The log entries are as below:
Jul 18 04:23:59 ns kernel: Packet log: input REJECT eth0 PROTO=17 xxx.xxx.xxx.xxx:137 xxx.xxx.xxx.255:137 L=78 S=0x00 I=25066
F=0x0000 T=128 (#18)
Jul 18 04:23:59 ns kernel: Packet log: input REJECT eth0 PROTO=17 xxx.xxx.xxx.xxx:137 xxx.xxx.xxx.255:137 L=78 S=0x00 I=25322
F=0x0000 T=128 (#18)
Although there is a mixture of IP's, 95% are from 1 IP and it's doing it 20 times a second on average.
Thanks for all the help fellas.
Brett
B3K.net - Webmaster / Hostmaster
---------------------------------------------
The World's premier mobile phone boutique
With free SMS & free personal No's
www.b3k.net