On Fri, 19 Jul 2002, Rogan Lynch wrote:
> Hello Again,
> I have been seeing shorewall block quite a bit of traffic usually from from
> a handful of different dsl or cable-modem users on ports 1344 &
> 1433. Usually these packets include my personal workstations internal
> (RFC1918) IP, and I am worried. What uses those ports?
>
Are you using static NAT? Shorewall filters packets after DNAT has been
applied so the messages will always show your internal IP.
Port 1433 is very popular right now (MS SQL Server) so there''s
obviously a
vulnerability in that software that people are looking for. Don''t know
about 1344 unless it''s some dislexic idiot looking for 1433.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net