On Wed, 04 Apr 2001, you wrote:
> On Wed, 4 Apr 2001, John Aldrich wrote:
>
> > Speaking of this....
> > Checking my logs lately, I've been seeing a TON of "print request from [ip]"
>
> Op. Yep. One of the worms also exploits lpr.
>
Ahh... I see... Hmm...don't think I'm running LPR... at least not accessible
from remote. :-)
>
> This is a feature in iptables. You can drop any packets that are NEW, or
> allow only packets that are ESTABLISHED or RELATED. This is possible only
> because of the new connection tracking code in 2.4.
>
*sigh* I can't WAIT for RH 7.1. :-)
John
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
