Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?

[mi <Michael.Wordehoff@gmx.de>]

I put it to this thread, Blars.

Am Donnerstag, 10. Juli 2003 22:18 schrieb Blars Blarson:
> As others have said, it's a system infected with IIS

lol :)

short and easy to understand !

> iptables -A INPUT -p tcp --dport 80 -s ! 127.0.0.1 -j DROP
...dropping anything tcp on port 80 but from 127.0.0.1 ?
Somehow I get confused - what port is used to connect to LAN via eth0 ?

If apache is started by inetd over tcpd, would it be be enough to configure 
/etc/hosts.allow and deny ?

Though i really like commands more than that -  is there a usable linux GUI ?
I mean, for a whole suite of security configurations.
( i know linuxconfig, but this is not very security-specific.
( I shall lookup webmin, i guess)

-- 
                                             

                                    mi <mrl>