Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 2 Jun 2001 22:37:27 +0200
From:      "Liran Dahan" <lirandb@netvision.net.il>
To:        <freebsd-security@freebsd.org>
Subject:   Re: Connections to ports > 1024
Message-ID:  <002c01c0eba3$d6a4e020$b88f39d5@a>
References:  <3B193273.B87F743A@gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
Yes I agree with Lee, I don't think you have any specific reason to be
worried, though if it is bothering you so much, put an speific IPFW/IPF
rules for these ports, or maybe if you can see that these connections are
being attemped by a Static IP User/s, you may block him/them as well, or
maybe add an special route command to deny them.
Buttom line I wouldn't be so worried about it. (Allthough I'm *paranoid*)

Best Regards,

Liran Dahan (lirandb@netvision.net.il)

----- Original Message -----
From: "Raoul Schroeder" <memphis_ms@gmx.net>
To: "FreeBSD Security" <freebsd-security@FreeBSD.ORG>
Sent: Saturday, June 02, 2001 8:37 PM
Subject: Connections to ports > 1024


> Hello everyone,
>
> thanks to all the ongoing discussions in this group I am learning a lot
> about securing my freebsd box.
> When looking through my daily security logs, I see the typical attempts
> to connect to port 21, which I am rapidly getting used to. Along with
> that I see attempts to connect with TCP on port 53 (I assume to break a
> DNS server, like BIND?) - not that I have a DNS running on my systems.
> What puzzles me more though is that more and more often I see connection
> attempts to ports > 1024, like 8000, or 1080.
> So, just because I am curious, are these people scanning for Trojans?
> Should I just ignore it - the connections are dropped anyway - or is
> there something more useful to do?
>
> Thanks,
>
> Raoul
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002c01c0eba3$d6a4e020$b88f39d5>