Date: Mon, 18 Dec 2000 18:19:23 -0600
From: Jeffrey Taylor
This is the port for the SubSeven trojan. It is the most common connect I see. The firewall accepts it, but there is probably nothing listening on this port. Run "netstat -Ainet -an | grep LISTEN" to find out what ports are open to a server. Apache has nothing to do with this. You should see port 80 open for Apache. The simple way to have the SuSEfirewall block it is to set:
FW_ALLOW_INCOMING_HIGHPORTS_TCP="ftp-data" FW_ALLOW_INCOMING_HIGHPORTS_UDP=""
You may need to add other services besides these (Quake3 uses 27960 and up).
HTH
Quoting jonathan
: I have tried to find what this port is, can anybody tell me. And then how do I block it? I am using the SuSEfirewall and it show an ACCEPT and I would like to see a DENY if it is something I don't need. I am running Apache on this machine so that might be the cause. TIA
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq