I can't find port 1214 in /etc/services but still I don't like the fact it is accepted. What should I do do have it dropeed or rejected? piet Jun 1 22:00:58 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=212.64.124.28 DST=213.17.34.237 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=16629 DF PROTO=TCP SPT=63959 DPT=1214 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (0204058401010402) Jun 1 22:00:59 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=212.64.124.28 DST=213.17.34.237 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=18165 DF PROTO=TCP SPT=63960 DPT=1214 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (0204058401010402) Jun 1 22:01:00 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=212.64.124.28 DST=213.17.34.237 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=19701 DF PROTO=TCP SPT=63961 DPT=1214 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (0204058401010402) Jun 1 22:01:02 photoserver kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=212.64.124.28 DST=213.17.34.237 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=22517 DF PROTO=TCP SPT=63963 DPT=1214 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (0204058401010402)
On Saturday 01 June 2002 22:09, PR wrote:
I can't find port 1214 in /etc/services but still I don't like the fact it is accepted. What should I do do have it dropeed or rejected?
In your firewall2.rc.config item 11, set FW_ALLOW_INCOMING_HIGHPORTS_TCP to "no" or if you use ftp to "ftp-data" -- GertJan
On Saturday 01 June 2002 22:52, PR wrote:
that's what I did, but still it happened
Did you restart the firewall or rebooted the machine since you did that? Looking through the logs I find that on my firewall port 1214 does get dropped since I changed that, before it was accepted also. -- GertJan
On Saturday 01 June 2002 22:09, PR wrote:
I can't find port 1214 in /etc/services but still I don't like the fact it is accepted. What should I do do have it dropeed or rejected?
In your firewall2.rc.config item 11, set FW_ALLOW_INCOMING_HIGHPORTS_TCP to "no" or if you use ftp to "ftp-data" -- GertJan
On Saturday 01 June 2002 22:52, PR wrote:
that's what I did, but still it happened
Did you restart the firewall or rebooted the machine since you did that? Looking through the logs I find that on my firewall port 1214 does get dropped since I changed that, before it was accepted also. -- GertJan
participants (2)
-
GertJan Spoelman
-
PR