In your message regarding Re: [SAtalk] Is Razor making me think that I was compromised? dated Mon, 21 Oct 2002 16:06:00 -0500 (CDT), [EMAIL PROTECTED] said that ...
>l- On Mon, 21 Oct 2002, Frank Pineau wrote: > > > On Mon, 21 Oct 2002 15:03:50 -0500 (CDT), you wrote: > > > > >This is a bad choice for a port IMHO. Frankly every firewall I set up > > >(and have seen up close) blocks tcp/udp 1-19. Those services have no > > >purpose on the Internet at large IMHO. They are plagued with security > > >issues and under-maintained source projects. > > > > > >I wonder if Razor will fail if tcp/7 is blocked. The box I'm testing SA > > >on (with Razor) isn't yet behind a firewall. > > > > Razor uses TCP ECHO instead of ICMP ECHO because the Net::Ping Perl module it > > uses requires root privileges to do an ICMP ping. I don't know if there's an > > alternative. You could probably hack it to not do the network check. It calls > > Net::Ping in Core.pm. This means that port 7 TCP has to be open to allow that > > traffic. >l- >l- Unless there's a simple config option for it, I'll probably just eliminate >l- Razor for my setups. Thanks for the info I just allowed tcp/7 outgoing traffic ONLY to the IP addresses of the razor servers ONLY and that seems to work. I wouldn't have thought that there was much of a security problem with that ......... unless you know better? -- Mike ------------------------------------------------------- This sf.net emial is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ad.doubleclick.net/clk;4699841;7576298;k?http://www.sun.com/javavote _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
