7 May
2001
7 May
'01
08:42
Those IP's exist, they just don't have in-addr-arpa properly setup (i.e. number to name resolution). As for scans I generally ignore them. Here's my typical setup: allow various ports like 25, 80, etc. block tcp and udp from 1 to 20480 (yes, 20480). and then in the network startup script: echo 60000 65000 > /proc/sys/net/ipv4/ip_local_port_range and voila. Very very few services use ports >20480, apart from some RPC based ones (which you should disable anyways). Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net