Date: Wed, 29 Nov 2000 20:45:03 -0800 (PST) From: Dan Babb <bdan@c-zone.net> To: "Jonathan M. Slivko" <jon_slivko@simphost.com> Cc: freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: Danger Ports Message-ID: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
next in thread | previous in thread | raw e-mail | index | archive | help
this is right out of the ACL for my core router.. ! reserved networks access-list 110 deny ip 127.0.0.0 0.0.0.255 any log access-list 110 deny ip 10.0.0.0 0.255.255.255 any log access-list 110 deny ip 172.16.0.0 0.15.255.255 any log access-list 110 deny ip 172.31.0.0 0.0.255.255 any log access-list 110 deny ip 192.168.0.0 0.0.255.255 any log ! various exploits, netbios, back orifice, netbus protection access-list 110 deny tcp any any range 137 139 access-list 110 deny tcp any any eq 31337 access-list 110 deny udp any any eq 31337 access-list 110 deny tcp any any range 12345 12350 access-list 110 deny udp any any range 12345 12350 - Dan On Wed, 29 Nov 2000, Jonathan M. Slivko wrote: > I am referring to the Back Orifice, Trinoo server ports, etc. Where can I > get my hands on a list of those port #'s? or are there any utilities that > act as those servers and log all attempts in hopes of catching those users > who will no doubt try and take advantage of an open system? > > ---- > Jonathan M. Slivko <jon_slivko@simphost.com> > Technical Support, CoreSync Corporation (http://www.coresync.net) > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net) > Pager/Voicemail: (917) 388-5304 > ---- > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011292044170.36849-100000>