Am 16.10.2012 20:01, schrieb [email protected]: Wouldn't it be possible to REDIRect the traffic onto your firewall machine to some other port just in order to record its contents? So you don't really open up the port to the other machine again.
> Oh dear, no wonder. I thought netcat would be watching inside the firewall. > > I really hate to open it as it could leak anything about me to him. Maybe I > could set up a VM with his IP to intercept traffic. > > > I am just now in the process of setting up Squid, with anonymize headers. I > suspect that if someone got in, it must have been through Konqueror as my > firewall is very tight and I am careful with email. > merc1984@f <mailto:merc1984@f>-m.fm > > > On Tue, Oct 16, 2012, at 10:40, Tom Eastep wrote: >> On 10/16/2012 10:30 AM, [email protected] <mailto:[email protected]> wrote: >> >> Thanks, but I have tried that, adding -c and monitoring constantly. >> netstat is blind to these, as it showed nothing even as Shorewall >> blocked more. I suspect netstat monitors -source- port (which is >> random), so I set Wireshark to listen for the particular IP, and it was >> blind as well, when flurries of hits were blocked by Shorewall. >> >> >> I can't believe this network traffic and sockets are invisible! >> >> >> They won't be visible so long as you are blocking the traffic with the >> firewall. You have to temporarily unblock it to be able to track it. >> >> Do you run Squid on your firewall? >>
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
