RE: [suse-security] How to drop Winmx p2p

30 Jun 2004


      you are using the --syn option, so you only are preventing establishing new
connections, you are not dropping the established ones, so perhaps the
connections are alive because they were established before you applied the
rule...

  HTH,

José Luis Ledesma
_______________
Competitiveness
Telephone: +34 93 582 02 90
Email: jledesma@competitiveness.com
Website: http://www.competitiveness.com


-----Original Message-----
From: lab.civitanova@unimc.it [mailto:lab.civitanova@unimc.it]
Sent: miércoles, 30 de junio de 2004 10:58
To: suse-security@suse.com
Subject: Re: [suse-security] How to drop Winmx p2p


Scrive Markus Gaugusch :
...
On Jun 30, lab.civitanova@unimc.it  wrote:
...
How can I stop winmix peer to peer connections? I try in my gateway 
machine to write this : "iptables -A FORWARD -p tcp --syn -dport 6699 -j
...
...
DROP", but it doesn't work. Winmix seem to connect anyway with a remote 
host at the port 6699.
First: Better stop all traffic except for "known good" ports. There are so
...
many was to do file sharing, that you can hardly prevent them by 
firewalling.
Second: You probably have another rule that allows all traffic and the 
rule above is appended to your ruleset. Better use -I (insert) and not -A 
(append).
Markus
-- 
__________________    /"\
Markus Gaugusch       \ /    ASCII Ribbon Campaign
markus(at)gaugusch.at  X     Against HTML Mail
                       / \
-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
Thanks everybody but nothing to do!!!
Winmix connection seem to be alive anyway!!!!

I try other ways

Bye Bye

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here

José Luis Ledesma

tags

participants (1)