Re: How to tell if a Linux machine is a zombie?

To: debian-user@lists.debian.org
Subject: Re: How to tell if a Linux machine is a zombie?
From: Paul Johnson <baloo@ursine.ca>
Date: Wed, 10 Jan 2007 20:49:20 -0800
Message-id: <[🔎] g7sg74xthc.ln2@ursa-major.ursine.ca>
References: <[🔎] 20070108191301.GA555@cromwell.tmiaf> <[🔎] 03e301c7337e$a268c6e0$0500ac0a@slider> <[🔎] ulpb74xfqt.ln2@ursa-major.ursine.ca> <[🔎] 20070109140527.GB1294@pluto> <[🔎] cn6d74xtl6.ln2@ursa-major.ursine.ca> <[🔎] 20070109230700.GA1497@pluto> <[🔎] h2rf74xtgc.ln2@ursa-major.ursine.ca> <[🔎] 20070111002656.GC1474@pluto>

Douglas Tutty wrote:

> On Wed, Jan 10, 2007 at 11:23:29AM -0800, Paul Johnson wrote:
>
>> I think shorewall assumes that you don't really want to block /all/
>> outbound traffic and does the right thing, then.
>  
> Before you assume this, you should check the netfilter docs.  If by
> default I block all outgoing and incomming connections then there's no
> way to establish an 'existing' connection in the first place.  If I
> allow outgoing http requests then the data is allowed back in without me
> opening the http port to allow incoming requests.  That's the heart of
> netfilter.

Aah, OK.  I must be thinking ipchains or ipfw from back in the day or
something.  Netfilter isn't such a pain by comparison to those two.

Reply to:

Follow-Ups:
- Re: How to tell if a Linux machine is a zombie?
  - From: Douglas Tutty <dtutty@porchlight.ca>

References:
- How to tell if a Linux machine is a zombie?
  - From: "Russell L. Harris" <rlharris@oplink.net>
- RE: How to tell if a Linux machine is a zombie?
  - From: "James Stevenson" <james@stev.org>
- RE: How to tell if a Linux machine is a zombie?
  - From: Paul Johnson <baloo@ursine.ca>
- Re: How to tell if a Linux machine is a zombie?
  - From: Douglas Tutty <dtutty@porchlight.ca>
- Re: How to tell if a Linux machine is a zombie?
  - From: Paul Johnson <baloo@ursine.ca>
- Re: How to tell if a Linux machine is a zombie?
  - From: Douglas Tutty <dtutty@porchlight.ca>
- Re: How to tell if a Linux machine is a zombie?
  - From: Paul Johnson <baloo@ursine.ca>
- Re: How to tell if a Linux machine is a zombie?
  - From: Douglas Tutty <dtutty@porchlight.ca>

Prev by Date: Re: Root privilege (SOLVED)
Next by Date: Re: Root privilege (SOLVED)
Previous by thread: Re: How to tell if a Linux machine is a zombie?
Next by thread: Re: How to tell if a Linux machine is a zombie?
Index(es):
- Date
- Thread