[aclug-L] Re: Denied connections

[james l <james@xxxxxxxxxxxxxxxxxx>]

Root/Great Overall Dictator replies:
> I've been leaving my Frazierwall firewall turned on 24/7 for several days.  It
> has been denying about 200 hits each 24 hours.  In the 24 hours between about
> 0600 yesterday and 0600 today, I got almost 650 hits denied.  Kinda makes me
> wonder what was going on before I got the wall up.
> 

Lots of the same here, mostly on port 80(http) (code red anyone?)
and a few on port 139 (smb). 

> A related question; What keeps someone from breaking in on one of the ports 
> that
> is not denied by the firewall?
> bruce
> 

Essentially each connection opens a 'tunnel' to the outside and if the packet
is not sent as a response over one of these tunnels, it denys the packet.
Unless, you specifically allow access to say port 80 (forewared to another
machine), then there might be some problems. 

James L.
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi