[sclug] Re: External command run for host: using command: "echo \
David Given
dg at cowlark.com
Tue Jan 3 22:34:59 UTC 2006
On Saturday 31 December 2005 15:54, Graham wrote:
> I dont belive they are being foiled.
> I think that the attacker is sucessfully 'pinging' your box.
> and checking that they can still cause an address to be blocked.
> Denial-Of-Service - checked to be available but not used
According to my /etc/services, UDP port 80 has a name (www), so it could have
a legitimate use --- but I've never heard of HTTP being transferred over UDP
before.
Frankly, stray UDP packets to random ports where nobody's listening barely
count on my threat meter. If they're being chucked out correctly by your
firewall, I'd be inclined to log 'em and forget 'em --- it's just part of the
ordinary internet background noise.
--
+- David Given --McQ-+
| dg at cowlark.com | "I have a mind like a steel trap. It's rusty and
| (dg at tao-group.com) | full of dead mice." --- Anonymous, on rasfc
+- www.cowlark.com --+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.tmdg.co.uk/pipermail/sclug/attachments/20060103/e340a1c3/attachment.bin
More information about the Sclug
mailing list