[NTLUG:Discuss] Incoming Access Log Tables

MadHat madhat at unspecific.com
Tue Jan 4 10:50:26 CST 2005 

On Jan 4, 2005, at 10:15 AM, jpmiller at quorumhost.com wrote:
> Since nobody has responded to this, I guess I'll jump in...

No one responded because it does not sound like a Linux issue and the 
questions and details where vague.


> Sounds like you are trying to go from 0 to about 117 Mph in about 2.2 
> seconds,
> but that's often the best way.
>
> First as for what common ports are used for, here's a refernce :
> http://www.sockets.com/services.htm
>
> nobody really has to follow those port assignments, but folks usually 
> do.
>
> As far as whether someone is getting or not, we'll need a lot more 
> detail...
> first off what ports are they hitting?
> then we need to know about your network: how is your firewall 
> configured? do you
> allow port forwarding across your firewall? are you a DMZ host? if you 
> don't
> know the answers to these questions, then you're probably using a 
> default
> config, in which case telling us the make and model of the router 
> would be very
> helpful.
>
> most likely you're just getting random probes against known exploits 
> and your
> router doesn't allow port forwarding and is therefore blocking the 
> connection
> attempts.
>
> If there is reason to believe that someone is crossing your router 
> (due to
> either configuration or compromise), then we need to figure out where 
> they
> might be going, so we'll need to discuss the hosts on your network... 
> but that
> discussion is probably a post or two down from here in the process.
>
> Quoting Andrew Brown <dutch_fedora at earthlink.net>:
>
>> I was checking into my router and saw the "Incoming Access Log" Table.
>> There are several IP addresses and Ports they are accessing. I did a
>> search on google and found some info but not much relating to where
>> these ports go to... TCP/IP it appears. Just want to make sure I don't
>> have a security hole and someone is getting into my LAN. I am a novice
>> at this and need some advice. Thanks!
>>
>>
>> _______________________________________________
>> https://ntlug.org/mailman/listinfo/discuss
>>
>
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>

More information about the Discuss mailing list