[EMAIL PROTECTED] wrote: > Hi, > what does port 137 and 138 does? Because I always get this log everytime a > host on my LAN access that port.
Ports 137 and 138 are used by the windows network (smb), and are popular targets for worms. > Feb 13 13:33:10 fw kernel: [POSSIBLE SPOOF ATTEMPT]: IN=eth0 OUT= > MAC=ff:ff:ff:ff:ff:ff:00:e0:18:6c:3c:0f:08:00 SRC=192.168.0.3 > DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=33702 PROTO=UDP > SPT=137 DPT=137 LEN=58 > > Is it necessary to open the ports? How to allow it using TEF 4.7? No idea, I've never used TEF, only iptables on standard TSL. > And also have other problem. Sometimes packet from my network on eth1 > missdirected to eth0. Thanks. If you would post the output of iptables -vnL and iptables -vnL -t nat on a web server and post links here, I might be able to give you a complete answer.. -- Cheers, Morten :wq _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
