Displaying 5 results from an estimated 5 matches for "robertgraham".
2003 Mar 23
0
New parsefw
...to incorporate
parsefw into the Bering Weblet application. (weblet.lrp) I also had
newbies in mind, so I included text descriptions next to most of the
currently exploited ports, and it created HTML links to the "Firewall
Forensics" "Firewall FAQ" destination port section.
(www.robertgraham.com/pubs/firewall-seen.html)
The parser looks for lines having the text Shorewall in it, so it is
possible to run this against a general syslog style logfile, or a
Shorewall specific logfile. I''m using ulogd to make my life easier, but
you may not have that available to you.
I feel no s...
2002 Jan 09
0
Slight OT
Thought some of you might find this useful.
http://www.robertgraham.com/pubs/firewall-seen.html
This document explains what you see in firewall logs, especially what port
numbers means. You can use this information to help figure out what hackers
are up to.
This document is intended for both security-experts maintaining corporate
firewalls as well as home user...
2003 Jan 08
2
what is on port 10619
since a few days i have a huge number of ips trying to access something on
UDP port 10619...
i have a shorewall running on a dynamic dsl provider, which gets a new ip
every 24 hours, so maybe those ips are trying to access some service, but i
doubt it...
anyone seen some activity on udp 10619 lately? is there some new trojan,
virus or something floating around?
they are flooding the logs with
2002 Sep 10
2
Traceroute
How do I allow traceroute to reach my server? Pings work fine but
traceroute stops at the last hop before my server. If I shut off the
firewall it reaches it fine.
PING danicar.net (24.222.246.120): 56 data bytes
64 bytes from 24.222.246.120: icmp_seq=0 ttl=237 time=104.0 ms
64 bytes from 24.222.246.120: icmp_seq=1 ttl=237 time=74.9 ms
64 bytes from 24.222.246.120: icmp_seq=2 ttl=237 time=90.6
2002 Apr 08
22
Parameterized Samples Withdrawn
Although the parameterized samples have allowed people to get a firewall
up and running quickly, they have unfortunately set the wrong level of
expectation among those who have used them. I am therefore withdrawing
support for the samples and I am recommending that they not be used in new
Shorewall installations.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \