> Date: Fri, 27 Oct 2000 02:26:42 -0700
> From: Jason <jkenner@mindspring.com>
> To: plug-discuss@lists.PLUG.phoenix.az.us
> Subject: Re: Sprint Broad Band
> Reply-To: plug-discuss@lists.PLUG.phoenix.az.us
>
>
> Many web-based tools that claim to scan your IP for trojan/backdoors
> will report that you have a backdoor if your machine accepts a simple
> telnet connection on the default port!!!
>
> I guess they must REALLY want people to use ssh or something. Who
> knows.
>
> --
> jkenner @ mindspring . com__
All my testing tells me that I am fairly stealthy, only allowing
services for things I actually need and use. Telnet isn't one of them
but ssh is. My logs show denys of many probes of Bill's ports (137 &
139) and occasional ftp, telnet and portmapper denys.
Maybe since a linux firewall doesn't match the "profile" of a typical
Windoze "open system", they assume it's infected?
-Doug
-Doug