Date: Fri, 29 Jun 2001 10:33:34 -0500 From: "Thomas T. Veldhouse" <veldy@veldy.net> To: <George.Giles@mcmail.vanderbilt.edu>, <freebsd-security@freebsd.org> Subject: Re: What is ipfw telling me ? Message-ID: <007801c100b0$e7527730$3028680a@tgt.com> References: <OFB8BDE232.323E44F5-ON86256A7A.005144B2@MC.VANDERBILT.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
You may want to limit such abuse via firewall rules. # Stop RFC1918 nets on the outside interface ${fwcmd} add deny log all from any to 10.0.0.0/8 via ${oif} ${fwcmd} add deny log all from any to 172.16.0.0/12 via ${oif} ${fwcmd} add deny log all from any to 192.168.0.0/16 via ${oif} # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) # on the outside interface ${fwcmd} add deny log all from any to 0.0.0.0/8 via ${oif} ${fwcmd} add deny log all from any to 169.254.0.0/16 via ${oif} ${fwcmd} add deny log all from any to 192.0.2.0/24 via ${oif} ${fwcmd} add deny log all from any to 224.0.0.0/4 via ${oif} ${fwcmd} add deny log all from any to 240.0.0.0/4 via ${oif} Tom Veldhouse veldy@veldy.net ----- Original Message ----- From: <George.Giles@mcmail.vanderbilt.edu> To: <freebsd-security@freebsd.org> Sent: Friday, June 29, 2001 9:49 AM Subject: What is ipfw telling me ? > What is ipfw telling me ? > > The 216 host is attempting to break in, but how is it using port 80 on the > other machine ? > > ipfw: 2400 Deny TCP 216.239.46.20:21602 10.0.0.1:80 in via xl0 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007801c100b0$e7527730$3028680a>