Security....
James McKenzie
jjmckenzie51 at earthlink.net
Wed Oct 27 02:23:22 UTC 2004
James Kosin wrote:
> Everyone,
>
> I've actually had to lock down most ports on my server; because, I got
> tired of all the attempts at attacks.
> Everyone, please use a firewall. I've noticed many attacks to the
> following ports:
> 111 -- sunrpc ** this effects Linux machines
> 135 -- DCE Endpoint Resolution
> 137 -- netbios-ns
> 139 -- netbios-ssn
> 445 -- microsoft-ds ** these affects samba services as well.
> 1433 -- ms-sql-s
> 1434 -- ms-sql-m ** I don't know why SQL ports are being attacked.
>
> 1023 -- ???
> 5554 -- ???
> 9898 -- ??? ** this group may be related to PCAnywhere, or Worm, etc.
>
> The most active: port 445 by far!
>
> Just giving everyone a heads-up on the security issues.
> James Kosin
>
James:
A visit to www.symantec.com (yes this is the web site for
Norton/Symantec Antivirus) reveals that most of the attacks are directed
at known vulnerabilities in Microsoft Windows and/or Internet Explorer.
The 'hit' on 111 (sunrpc) usually reveals what operating system you are
running. However, a good firewall will stop these probes. BTW, there
is a well known and patched vulnerability in most Windows products with
TCP Port 445.
James McKenzie
More information about the fedora-list
mailing list