On Thu, 31 Jul 2003 11:51, you wrote: > On Thu, Jul 31, 2003 at 11:19:16AM +1200, Christopher Sawtell wrote: > > I have noticed many attempts to connect to the secure port ( 445 ) > > By "secure", I assume you're talking about the well-known HTTPS/SSL > port--which is actually port 443. > > Port 445 is Microsoft-DS, which is mostly used for SMB/CIFS-over-IP. > > > used by IPCop and Smoothwall. Also my squid cache has been compromised > > in some way resulting in a denial of service if the squid daemon is > > active. > > Can you elaborate on this? Yes, the IPCop suddenly started to refuse to allow outgoing traffic on Port 80. I first established that there was sufficient log space on the disk, and rebooted, yes, yes, I know one isn't supposed to do that on oour favourite o/s but it does sometimes clear problems none the less. That was last night, so I went to bed earlier than some times and come back to it this morning more seriously. Had a very quick look at the logs and saw that there were a number of packets which were aimed at port 445. Not being a M$softie, I thought this seemed odd, so I thought that others might like to know about it. I'm now going to upgrade the IPCop to 1.3, but in order to do so I ahve to fit a larger disk, so will be off the 'Net while I do that.
-- Sincerely etc., Christopher Sawtell
