Gerardo Soto wrote:
>
> Hi to everyone.
> I have configured my router ( cisco 2511 IOS 11.1) to deny
> everything but tcp 25, udp & tcp 53 , tcp 80 .
> Still someone has managed to break in . What can I do stop this things ?
> raw 0 0 *:1 *:*
>
> What does the raw connection mean ? Can someone help me out please
> ? I am getting tired of these people attacking all the time. Or can
> someone lead me to where I can get information to stop this ?
> Any information will be deeply appreciated.
The raw protocal is just anoter form like tcp and udp. It's just
receiving raw packet information without decoding. Every time I
do a netstat under any of my Linux systems I see port 1 being
listened to on the raw protocal. I have yet to see an actuall
connection to it. I belive it's connections are rather brief in
nature. Port 1 is tcpmux, for a better description see RFC-1078.
--
| Bryan Andersen | [EMAIL PROTECTED] | http://softail.visi.com |
| Buzzwords are like annoying little flies that deserve to be swatted. |
| -Bryan Andersen |
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
