At 10:14 PM 1/28/99 -0600, Fuzzy Fox wrote:
>Clifford Hammerschmidt <[EMAIL PROTECTED]> wrote:
>>
>> >ipchains -A input -j ACCEPT -y -p tcp -s 0.0.0.0/0 20 -d yourip 1024:65535
>> 
>> This is also the same as -P input ACCEPT...  you're allowing anyone to
>> connect from their port 20 (easy enough to spoof) to your box on any
>> port above 1023...  not a great idea.
>
>I think he later changed it to encompass only the masq range, 61000-
>65535, but still, the point is valid.  Even with the looser ruleset,
>though, few important services are above the 1024 port range.  The only
>ones that come to mind are NFS and X, both of which can be specifically
>blocked.  I wouldn't worry so much.
>
>> Someone using NMap could scan all your upper ports easily.
>
>And what would they find there?

Any backdoor or Trojan installed on your system by tampered code or
previous hacks.
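
Added example, not part of the original thread: a defender-side way to answer "what would they find there?" by listing the TCP listeners that fall inside the destination range the quoted rule accepts (1024:65535, or the masq range 61000-65535). It assumes the Linux /proc/net/tcp layout on a little-endian host; the sample table, the function names and the `expected` allow-list are constructed for illustration.

```python
import os
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:1770 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004
   4: 0A00000A:9C40 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1005
   5: 0A00000A:EE48 1400A8C0:0015 01 00000000:00000000 00:00000000 00000000   500        0 1006
"""

LISTEN = "0A"  # TCP state code for LISTEN in /proc/net/tcp


def decode_addr(hex_addr):
    """Turn 'HHHHHHHH:PPPP' into (dotted_ip, port); little-endian host assumed."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def exposed_listeners(proc_text, low=1024, high=65535, expected=()):
    """Return (ip, port, unexpected) for non-loopback listeners in [low, high]."""
    found = []
    for line in proc_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != LISTEN:
            continue                             # established sockets are not listeners
        ip, port = decode_addr(fields[1])
        if ip.startswith("127."):
            continue                             # loopback-only: not reachable from outside
        if low <= port <= high:
            found.append((ip, port, port not in expected))
    return sorted(found, key=lambda item: item[1])


if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE_PROC_NET_TCP
    # 2049 (NFS) and 6000 (X) are the services named in the thread.
    for ip, port, unexpected in exposed_listeners(text, expected={2049, 6000}):
        note = "UNEXPECTED listener, investigate" if unexpected else "known service, block explicitly"
        print(f"{ip}:{port}  {note}")
```

On the constructed sample, the wide range exposes NFS, X and one listener nobody accounted for, while the masq range 61000-65535 exposes no listeners at all.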