Mailinglist Archive: opensuse-security (69 mails)

< Previous Next >
Re: [suse-security] Open port in SuSEfirewall2
  • From: "Terje J. Hanssen" <nteknikk@xxxxxxxx>
  • Date: Tue, 17 Oct 2006 18:03:37 +0200
  • Message-id: <4534FED9.8050604@xxxxxxxx>
Richard Ems wrote:
> I would suggest you to use tcpdump and sniff on the NIC to see if ssh
> packets are arriving at all at your workstation.
>
> tcpdump -i eth0 port ssh
>
> will write to the console all ssh packets seen on eth0.
> Or if you like GUIs try ethereal.
>
> See "man tcpdump".

First, after entering the above command on the local host (alfa, Linux),
is it possible to connect back again to local host using ssh through the
router's (netsreen) external ip address, i.e. something similar to

ssh 1.2.3.4 22

or possibly log this using another command?

Isn't there any log file from/for the SuseFirewall2 that tells if and
which communication attempts (type) that has occured or has been
rejecteded? Or are this only logged for each service type like already
mentioned for ssh in /var/log/messages?


Rgds,
Terje

< Previous Next >