Re: newbie iptables question

To: debian-security@lists.debian.org
Subject: Re: newbie iptables question
From: "s. keeling" <keeling@spots.ab.ca>
Date: Sat, 14 Aug 2004 00:36:06 -0600
Message-id: <[🔎] 20040814063606.GA21394@infidel.spots.ab.ca>
In-reply-to: <[🔎] E1BvrN8-0003vh-00@calista.eckenfels.6bone.ka-ip.net>
References: <[🔎] 20040814044233.GG18309@infidel.spots.ab.ca> <[🔎] E1BvrN8-0003vh-00@calista.eckenfels.6bone.ka-ip.net>

Incoming from Bernd Eckenfels:
> In article <[🔎] 20040814044233.GG18309@infidel.spots.ab.ca> you wrote:
> >> > > Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC= 
> >> > > SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115 
> >> > > ID=40023 DF PROTO=TCP SPT=4346 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 
> ...
> > It all depends on whether you have services running on your machine
> > that listen on DPT (445 in this case).  If something is there to "pick
> > up the phone" so to speak, anything can happen.  That service could
> > answer on another port altogether.
> 
> Well, you need to check if DST= is a local address, anyway.

Are you suggesting that I might see stuff in my logs that was destined
for a foreign IP?  If so, that would make me an open mail relay, no?


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)               http://www.spots.ab.ca/~keeling 
- -

Reply to:

Follow-Ups:
- Re: newbie iptables question
  - From: Bernd Eckenfels <ecki-news2004-05@lina.inka.de>
- Re: newbie iptables question
  - From: Daniel Pittman <daniel@rimspace.net>

References:
- Re: newbie iptables question
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: newbie iptables question
  - From: Bernd Eckenfels <ecki-news2004-05@lina.inka.de>

Prev by Date: Re: newbie iptables question
Next by Date: Re: newbie iptables question
Previous by thread: Re: newbie iptables question
Next by thread: Re: newbie iptables question
Index(es):
- Date
- Thread