AmigaActive (1383/1728)

From:Andrew Bruno
Date:26 Jun 2001 at 09:31:55
Subject:Re: Internet Abuse and Port Hacks

Hello Craig_Daines@excite.co.uk

Some of these have been covered by others too.

On 26-Jun-01, you wrote:

> I am experiencing illegal ports opening via Miami. It's been happening
> for some time now, even despite setting up a firewall in Miami strange
> ports are popping up every now and then. I have turned on logging, and
> am using syslog.library to collect evidence to pass to my ISP, as well
> as scanning ports that are opened using GoPortScan to obtain service
> information of ports opened.

Get back to me I am interested in how you are doing that.

As it was suggested, which ports?

Things I have learnt:
Some IRC hosts scan your port 23 when you log in/on. 23 is a Telent port
BTW (am I right?)

At the bottom of you access list but a $ *.*.*.* BAN LOG line.

I am not a MIAMI person, but I think that their config is very similar to
Genesis.

Regards



And God said, "Let there be light, but make it quick."

Andrew Bruno
abruno@zeta.org.au

Quote carefully and read all ADMIN:README mails
To unsubscribe mailto:amigactive-unsubscribe@yahoogroups.com
Anyone sending unsubscribe messages to the list will be SHOT!

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/