Please forgive what is almost certainly an ignorant question from one who has little understanding of the subject.
I'm running CentOS-6.3 with shorewall (and fail2ban), accessing the internet through a Billion router/modem. I've noticed recently a large number of logwatch entries like ------------------------------------ Dropped 4177 packets on interface eth0 From 1.0.159.111 - 2 packets to udp(51001) ------------------------------------ all targeting port 51001 (from many different IP addresses). I haven't explicitly opened this port on the router, nor is it mentioned in my shorewall rules. I would have thought this packet would be unable to get through the router? Or are UDP packets usually treated differently to TCP packets? -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College Dublin ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
