I am running Linux 6.2, on a ADSL line. I have used IPchains and set my default policy for input to DENY and disabled telnet on all interfaces with --log option so I can see people trying to hack in. Only open ports are www, smtp, DNS and FTP (FTP is secured with ftpaccess and ftpusers file). I still see in my messages log that people trying to telnet on 127.0.0.1, how is this possible can someone tell me how are these people doing this? Are these people on the same Network and Netmask as I am, so they can play with MAC address and put 127.0.0.1 onto their TCP packets? --- /var/log/messages --- Jan 17 14:48:35 server1 kernel: Packet log: input DENY lo PROTO=6 127.0.0.1:1090 127.0.0.1:23 L=60 S=0x00 I=14049 F=0x4000 T=64 SYN (#6) Please reply via mail. Thanks Sincerely [EMAIL PROTECTED] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
