I am glad that with DSL, I can choose my ISP. I switched from USWest to Fastq and they've been wonderful. For $19.95/month +$9.95 for 8 static IPs, I can run anything I want. They even help register my domain (pamarq.com) with their DNS. I'm running web server, ftp server, and mail server with them, all with their blessing. Now I am only planning on using this for my personal use, but I still enjoy the freedom. I have not set up any web pages yet (so the default "you've set it up correctly page" comes up), but am looking forward to being a little creative. Mark ----- Original Message ----- From: "Furmanek, Greg" To: Sent: Friday, March 10, 2000 9:30 AM Subject: RE: @home security scans > oooh.. The big brother is looking for news groups servers. > > check your /etc/services to find out what they are looking for. > > If you are with cox or any other full time connection you should > have firewall running denying anything you do not want to serve to > the world. > Otherwise you are vulnerable! > > Check out: > Firewall-HOWTO > Ipchains-HOWTO > > > The Wolf > > -----Original Message----- > From: Shawn T. Rutledge [mailto:rutledge@cx47646-a.phnx1.az.home.com] > Sent: Thursday, March 09, 2000 8:31 PM > To: plug-discuss@lists.PLUG.phoenix.az.us > Subject: Re: @home security scans > > > On Thu, Mar 09, 2000 at 07:03:30PM -0800, Todd Jamison wrote: > > I installed psionic portsentry tonight and i noticed > > that authorized-scan.security.home.net/24.0.94.130 > > tried to connect to tcp 119 on my pc. Is this a > > random scan or is it something I should be worried > > about??? What happens if they find out that I am > > running Linux??? > > They won't care about that but if you're running any kind of "server" > software > (apache, sendmail, ftpd, telnetd etc) I recommend > > ipfwadm -I -a deny -S 24.0.0.0/8 > > - a good security precaution as well as preventing them from finding out > what ports you have open. And you will also have to make exceptions for > the DNS servers, web server, news server and any other @home machines you > need to access. For example, > > ipfwadm -I -a accept -S 24.1.240.33/32 > ipfwadm -I -a accept -S 24.1.240.34/32 > ipfwadm -I -a accept -S 24.1.240.71/32 > > Put those rules in before the "deny" rule because the first matching rule > will set the policy. And of course the syntax is different for ipchains > (for kernels in the 2.2 series). > > Lessee... port 119 is nntp so evidently they were looking for rogue news > servers. > > -- > _______ http://www.bigfoot.com/~ecloud > (_ | |_) ecloud@bigfoot.com finger rutledge@cx47646-a.phnx1.az.home.com > __) | | \__________________________________________________________________ > Get money for spare CPU cycles at http://www.ProcessTree.com/?sponsor=5903 > > _______________________________________________ > Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > _______________________________________________ > Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >