Port 135

To: "'debian-firewall@lists.debian.org'" <debian-firewall@lists.debian.org>
Subject: Port 135
From: "Hooton, Gerard" <G.Hooton@ucc.ie>
Date: Fri, 16 Apr 2004 14:16:48 +0100
Message-id: <[🔎] F64493091FAC4D4DAC46261FEC19679906770CB5@xch4.ucc.ie>

Hello all,
I have been having problem with traffic to port 153 keeping the PPP0 link
up.
I am using iptables to try and filter out (DROP0)this traffic in the INPUT,
FORWARD and OUTPUT chains, but can't get it to work.
The following is an example from tcpdump

18:47:03.187369 194.165.171.142.4461 > 194.165.172.99.135: S [tcp sum
ok]1903694970:1903694970(0) win 8760 <mss 1460,nop,nop,sackOK> (DF) (ttl
121, id 49385, len 48)


I also have the following 
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT 

I am thinking that the port 135 traffic that is getting pass the firewall is
part of an established connection
If this is correct, what might running that requires responses to port 135?
Any ideas?

Regards

Gerard Hooton
Department of Microelectronic Engineering U.C.C.
Butler Building,
Enterprise Centre,
North Mall,
Cork.
Email: g.hooton@ucc.ie
http://www.ue.ucc.ie/staff/gerard_hooton.htm
Tel: +353 21 4904576
Fax: +353 21 490 4573

Reply to:

Follow-Ups:
- Re: Port 135
  - From: "Pete Clarke" <pete@dynotechnic.co.uk>

Prev by Date: Debian, underpriced medications here.
Next by Date: Re: Port 135
Previous by thread: Debian, underpriced medications here.
Next by thread: Re: Port 135
Index(es):
- Date
- Thread