[NTLUG:Discuss] Incoming Access Log Tables

Andrew Brown dutch_fedora at earthlink.net
Tue Jan 4 13:34:27 CST 2005 

On Tue, 2005-01-04 at 10:15, jpmiller at quorumhost.com wrote:

Thanks for the reference materials. That is exactly what I was looking
for! Yes I am usually going from 0 to 117 MPH... fall down some but hey
it is FUN and that what this is about. Do not think I have a security
problem at this point. Not much to worry about as far as "secret info"
getting out and about off the box anyway. Just learning as much as I can
and about all that I can! Thanks a ton for the resource.

AB

> Since nobody has responded to this, I guess I'll jump in...
> 
> Sounds like you are trying to go from 0 to about 117 Mph in about 2.2 seconds,
> but that's often the best way.
> 
> First as for what common ports are used for, here's a refernce :
> http://www.sockets.com/services.htm
> 
> nobody really has to follow those port assignments, but folks usually do.
> 
> As far as whether someone is getting or not, we'll need a lot more detail...
> first off what ports are they hitting?
> then we need to know about your network: how is your firewall configured? do you
> allow port forwarding across your firewall? are you a DMZ host? if you don't
> know the answers to these questions, then you're probably using a default
> config, in which case telling us the make and model of the router would be very
> helpful.
> 
> most likely you're just getting random probes against known exploits and your
> router doesn't allow port forwarding and is therefore blocking the connection
> attempts.
> 
> If there is reason to believe that someone is crossing your router (due to
> either configuration or compromise), then we need to figure out where they
> might be going, so we'll need to discuss the hosts on your network... but that
> discussion is probably a post or two down from here in the process.
> 
> Quoting Andrew Brown <dutch_fedora at earthlink.net>:
> 
> > I was checking into my router and saw the "Incoming Access Log" Table.
> > There are several IP addresses and Ports they are accessing. I did a
> > search on google and found some info but not much relating to where
> > these ports go to... TCP/IP it appears. Just want to make sure I don't
> > have a security hole and someone is getting into my LAN. I am a novice
> > at this and need some advice. Thanks!
> >
> >
> > _______________________________________________
> > https://ntlug.org/mailman/listinfo/discuss
> >
> 
> 
> 
> 
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> 
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss

More information about the Discuss mailing list