[NTLUG:Discuss] Incoming Access Log Tables

[jpmiller@quorumhost.com]

Since nobody has responded to this, I guess I'll jump in...

Sounds like you are trying to go from 0 to about 117 Mph in about 2.2 seconds,
but that's often the best way.

First as for what common ports are used for, here's a refernce :
http://www.sockets.com/services.htm

nobody really has to follow those port assignments, but folks usually do.

As far as whether someone is getting or not, we'll need a lot more detail...
first off what ports are they hitting?
then we need to know about your network: how is your firewall configured? do you
allow port forwarding across your firewall? are you a DMZ host? if you don't
know the answers to these questions, then you're probably using a default
config, in which case telling us the make and model of the router would be very
helpful.

most likely you're just getting random probes against known exploits and your
router doesn't allow port forwarding and is therefore blocking the connection
attempts.

If there is reason to believe that someone is crossing your router (due to
either configuration or compromise), then we need to figure out where they
might be going, so we'll need to discuss the hosts on your network... but that
discussion is probably a post or two down from here in the process.

Quoting Andrew Brown <dutch_fedora at earthlink.net>:

> I was checking into my router and saw the "Incoming Access Log" Table.
> There are several IP addresses and Ports they are accessing. I did a
> search on google and found some info but not much relating to where
> these ports go to... TCP/IP it appears. Just want to make sure I don't
> have a security hole and someone is getting into my LAN. I am a novice
> at this and need some advice. Thanks!
>
>
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.