port 80 closed, Firewall up and still accepted??
/var/log/warn came up with: my firewall2 is up, Apache not running.... why is it accepted?? piet ct 23 21:22:41 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=217.85.113.150 DST=213.17.111.20 LEN=52 TOS=0x08 PREC=0x00 TTL=118 ID=48926 DF PROTO=TCP SPT=64687 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405840103030001010402) Oct 23 21:22:42 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=217.85.113.150 DST=213.17.111.20 LEN=52 TOS=0x08 PREC=0x00 TTL=118 ID=49160 DF PROTO=TCP SPT=64687 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405840103030001010402) Oct 23 21:22:42 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=217.85.113.150 DST=213.17.111.20 LEN=52 TOS=0x08 PREC=0x00 TTL=118 ID=49426 DF PROTO=TCP SPT=64687 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405840103030001010402)
-----BEGIN PGP SIGNED MESSAGE----- Hi Piet!
/var/log/warn came up with: my firewall2 is up, Apache not running.... why is it accepted??
Iptables accepts the connection request, probably because you have set FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running. The request will be rejected by the kernel, however, if no service is listening to TCP port 80. If you scan your system, the port should be reported as closed. Regards, Andy - -- Andreas J. Mueller email: <andy@muelli.net> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (MingW32) iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1 =XPEk -----END PGP SIGNATURE-----
On Wednesday 23 October 2002 22:01, Andreas J Mueller wrote: thnks for responding.. no the entry of FW_SERVICES_EXT_TCP="" ... empty I start Apache thru webmin on occasion regards, piet
-----BEGIN PGP SIGNED MESSAGE-----
Hi Piet!
/var/log/warn came up with: my firewall2 is up, Apache not running.... why is it accepted??
Iptables accepts the connection request, probably because you have set FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
The request will be rejected by the kernel, however, if no service is listening to TCP port 80. If you scan your system, the port should be reported as closed.
Regards, Andy
- -- Andreas J. Mueller email: <andy@muelli.net> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (MingW32)
iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1 =XPEk -----END PGP SIGNATURE-----
On Wednesday 23 October 2002 22:01, Andreas J Mueller wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hi Piet!
/var/log/warn came up with: my firewall2 is up, Apache not running.... why is it accepted??
Iptables accepts the connection request, probably because you have set FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
The request will be rejected by the kernel, however, if no service is listening to TCP port 80. If you scan your system, the port should be reported as closed.
Regards, Andy
- -- Andreas J. Mueller email: <andy@muelli.net> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (MingW32)
iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1 =XPEk -----END PGP SIGNATURE-----
participants (2)
-
Andreas J Mueller -
Piet Roorda