[K12OSN] port blocking
"Terrell Prudé Jr."
microman at cmosnetworks.com
Wed Apr 9 08:28:52 UTC 2008
You'd do that at your firewall or any other routing device between your
K12LTSP server and the Internet. Simply add in an ACL to stop any
output from the server's outside IP address on those specific ports.
But what you really need to do is find out why that traffic's being
generated in the first place and where it's actually coming from..
We're recently seeing infestations on our Windows boxes by Trojans that
talk on TCP port 6667. We've had to ask our on-site technicians to
re-image several machines at several schools already. Remember that
your "anti-malware" software often will not be able to detect a recently
released Trojan, virus, or worm.
--TP
_______________________________
Do you GNU <http://www.gnu.org>?
Microsoft Free since 2003 <http://www.cmosnetworks.com>--the ultimate
antivirus protection!
Jim Anderson wrote:
> Hello all,
>
> I'm running K12LTSP v.5 in a computer lab that includes 2 Windows
> clients hanging off the internal network. We've received notice from
> the ISP that suspicious activity is occurring from the server's
> outside IP address on three different ports. How can I block those
> ports (I think the problem could be originating from the Windows 2000
> machines).
>
> Jim
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20080409/821c5243/attachment.htm>
More information about the K12OSN
mailing list