Ben Beeson wrote:
Aloha,
I am currently running -pre9 on a single machine that I am using as my sole
connection to the internet. (I used to run behind a router + firewall, but
that got packed up and moved to California recently.) Anyway, I am now
seeing a bunch of entries in my console logs related to port 135 scans.
(Blaster worm???) My /etc/services doesn't list port 135, so I went googling
and discovered that port 135 appears to be active directory related. I don't
think I need that for my Linux box.... Is there an easy way to just drop
those port 135 packets dead on the floor and forget about them? Is this a
good idea? Any ideas would be greatly appreciated.
Mahalos,
Ben
See the BLACKHOLE option, then set the policy on it to "DROP".
--MonMotha
