Giati exo firewall energopoihmeno (was: Re: iptables script + δυνατότητες)
Giorgos Keramidas
keramida at ceid.upatras.gr
Tue Oct 15 14:35:02 EEST 2002
On 2002-10-15 11:31, Kekes Stamatis <skekes at kosmoslink.gr> wrote:
> Ego prosopika theoro oti gia ena home mixanima to na exei kaneis
> toso "sfixto" firewall einia ligo ypervoli. Apo tin alli an einai se
> ena ergasiako periballon to opoio exei na kanei me prosvasi sto
> internet tote kala kanei efoson kai pali den vrisketai piso apo
> firewalls kai proxies.
Opoiodhpote mhxanhma exei esto kai periodika sundesh me to Internet,
kat' eme prepei na exei kapoio filtering sta paketa pou dexetai. To
Internet den einai katholou filiko (pleon). Paradeigma: prin apo miso
lepto ekana dialup sundesh. Xoris na exo kanenos eidous sxesh me ton
sugkekrimeno ISP, mou kanei port scan ena mhxanhma apo kapoio ISP ths
Boulgarias. Giati? Den ksero. An krino apo to pattern pou exoun ta
ports pou paleuei na sundethei, mallon psaxnei gia open proxies. Apo
to sugkekrimeno IP address exo dextei ki alles fores scans.
# grep 'ipmon.*212.39.86.9' /var/log/messages | \
awk '{print $1,$2}' | sort | uniq
Oct 15
Oct 4
Sep 27
Sep 28
Oi portes pou kanei scan, me suxnothta emfanishs einai:
# grep 'ipmon.*212.39.86.9' /var/log/messages | \
cut -d, -f3 | awk '{print $1}' | sort | uniq -c | sort
30 25
30 8080
34 8000
35 81
36 3128
64 1080
146 80
Mou moiazei polu gia kapoios pou dokimazei exploitz me to kilo, kai
psaxnei gia open proxies h mhxanhmata pou na mporei na ta spasei
eukola me kapoio prosfato bug. Mia proth skepsh pou ekana htan oti
isos autos na einai kapoios IRC server, alla den apantaei se kanena
apo ta gnosta ports (6667, 7000, 10000).
Tora tha mou peite "Nai ok, se kanei scan kai brhkes mallon giati.
Kai ti katalabes tora?". Mallon tipota. Alla ola auta pou ekana den
tha mporousa na ta kano an den eixa kapoio firewall, kai malista an
den ekane log kapoia apo ola ta paketa pou petaei sto /dev/null.
Sumperasma: panta exei plaka na trexeis ena firewall kai na koitas ti
sou grafei sta logs (an exeis arketo disko).
More information about the Linux-greek-users
mailing list