Re: All these open ports

[Katipo <katipo@weavers-web.org>]

listcomm@ml1.net wrote:

> > If a port is open, and associated with a program which isn't from a
> > debian package and you don't believe you put it there yourself - its
> > time to consider the possibility your machine has been compromised.
> >    
>
> Okay...  that gives me an opening to try this again.
>  
<<snip>>

> In any case, I've as yet been unable to find any way of getting
> detection and authorization of outgoing requests with any
> of the Linux firewalls, or with IPtables - although I can hardly say
> that
> I've thoroughly done my homework
Even firestarter provides some degree of configurability in this respect.

> - but I have asked here and there and
> thus far no one seems to know.
Asking in the right place helps.
A number of people here would have the answers you're looking for, but 
Debian has a firewall list.

>  The "Paradigm" seems to be that if
> it's something that got spawned on your machine, and is trying to
> connect
> outward, it by definition must be legitimate, so it gets granted a port,
> unless whatever port it is requesting is *already* explicitly blocked
> by "iptables" or whatever for some reason.
>  
With Debian you can configure for literally any eventuality.
Itt might be an idea to check out apps like tinyhoneypot amongst others, 
also.

> (Okay, now, everybody yell in unison:  "WELL GO RUN WINDOWS THEN!!!")
>  
Failing that, go run windows.
Regards,

David.