SuSEfirewall 4.3-3 on SuSE 7.1 Zebra 0.91a opens ports for virtual terminals. `netstat -anp` show these ports as (is it IPv6 notation?): ---------- tcp 0 0 :::2604 :::* LISTEN 23643/ospfd tcp 0 0 :::2601 :::* LISTEN 23640/zebra ---------- I guess SuSEfirewall doesn't discover these ports as listening and doesn't close it, although FW_AUTOPROTECT_GLOBAL_SERVICES="yes". Also `SuSEfirewall -check` doesn't show these ports as unprotected. Thank you, Vadim
Hi folks! maybe (at the moment) a little bit OT, but take time zo read: http://grc.com/dos/grcdos.htm A well written doc of an DoS/DDoS-Attack by an 13yr. "script-kiddy", using many W&%-Boxes as 'agents'/'bots' against grc.com ! For me (not paranoid <g>!) it shows, that security (and all belonging subjects) is an permanent importance for *everyone* CU -- best greetings from Solingen /GERMANY Dieter Hürten
On 01-Jun-01 Dieter Huerten wrote:
Hi folks!
maybe (at the moment) a little bit OT, but take time zo read: http://grc.com/dos/grcdos.htm
A well written doc of an DoS/DDoS-Attack by an 13yr. "script-kiddy", using many W&%-Boxes as 'agents'/'bots' against grc.com !
For me (not paranoid <g>!) it shows, that security (and all belonging subjects) is an permanent importance for *everyone*
Unlike a certain amount of postings covering pure Linux installation problems, your posting is not OT at all. I can only strongly recommend anyone in this list to read through the whole document to witness a clever admin fighting against a number of simple, but very effective distributed Denial-of-Service-Attacks. Another document covering the (d)DoS'sing of CERT�s website which took place on May 21st can be found on http://www.securityfocus.com/templates/article.html?id=210 ("Scared of 'Zombies'? You should be").
CU -- best greetings from Solingen /GERMANY
Dieter H�rten
--- Boris Lorenz <bolo@lupa.de> System Security Admin *nix - *nux ---
participants (3)
-
Boris Lorenz -
Dieter Huerten -
Vadim Kouzmine