Annoying Port 135 Connection Attempts
I am getting many connection attempts to my port 135 from outside.
They appear to be coming from other dialin connections to my ISP.
This is the port that micro$loth left open to attack, which the
MSblaster worm has been using.
I know that my linux box isn't vulnerable, and that I've got
nothing listening to the port. But each of these connection
attempts is triggering my diald to stay connected, so it is major
annoying.
Is there an obvious way to stop these attempts? Or is there a way
to modify my /etc/diald/diald.defaults filters? Here is what I
have done, which is admittedly simplistic:
# I commented out the standard.filter include statement above,
# since it was setting timeouts of 30 seconds for DNS lookups
# (udp.domain), and 120 seconds for HTTP (tcp.www). This is too
# short for web browsing, so I blanket changed everything to:
# For any UDP, give 5 more minutes up time. For TCP, 20 minutes.
accept udp 300 any
accept tcp 1200 any
Thanks,
David
Reply to: