Re: [CentOS] Hacking Issue

2011-09-27 Thread Micky L Martin
On Mon, Sep 26, 2011 at 10:10 AM, m.r...@5-cent.us wrote: Theo Band wrote: On 09/26/2011 01:02 PM, Jennifer Botten wrote: I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic from and too this IP

[CentOS] Hacking Issue

2011-09-26 Thread Jennifer Botten
Hi, I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic from and too this IP address, but this traffic seems to still run through my server. These are the iptables rules that I current have on the server.

Re: [CentOS] Hacking Issue

2011-09-26 Thread Jorge Fábregas
On 09/26/2011 07:02 AM, Jennifer Botten wrote: -A INPUT -i eth0 -d 209.61.231.42 -p udp -j DROP This needs to be: -A OUTPUT -i eth0 -d 209.61.231.42 -p udp -j DROP ...if you want to drop packets initiated from your system to that ip...which doesn't make any sense if you're dropping all the

Re: [CentOS] Hacking Issue

2011-09-26 Thread Jennifer Botten
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Jorge Fábregas Sent: 26 September 2011 01:09 PM To: centos@centos.org Subject: Re: [CentOS] Hacking Issue On 09/26/2011 07:02 AM, Jennifer Botten wrote: -A INPUT -i eth0 -d 209.61.231.42 -p

Re: [CentOS] Hacking Issue

2011-09-26 Thread Jorge Fábregas
On 09/26/2011 07:45 AM, Jennifer Botten wrote: I am blocking UDP and TCP from that IP. I also have an OUTPUT rule however mine has the -o eth0 as the -i eth0 does not work. Yes, I had it wrong. For the OUTPUT chain you use the -o ethX. Perhaps you have an ALLOW rule for udp or some other

Re: [CentOS] Hacking Issue

2011-09-26 Thread Keith Roberts
On Mon, 26 Sep 2011, Jennifer Botten wrote: To: centos@centos.org From: Jennifer Botten jenni...@etech.co.za Subject: [CentOS] Hacking Issue Hi, I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic

Re: [CentOS] Hacking Issue

2011-09-26 Thread Micky L Martin
, Jennifer Botten wrote: To: centos@centos.org From: Jennifer Botten jenni...@etech.co.za Subject: [CentOS] Hacking Issue Hi, I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic from and too this IP

Re: [CentOS] Hacking Issue

2011-09-26 Thread Theo Band
On 09/26/2011 01:02 PM, Jennifer Botten wrote: Hi, I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic from and too this IP address, but this traffic seems to still run through my server. These are

Re: [CentOS] Hacking Issue

2011-09-26 Thread m . roth
Theo Band wrote: On 09/26/2011 01:02 PM, Jennifer Botten wrote: I am having an issue with someone accessing our server via a SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic from and too this IP address, but this traffic seems to still run through my server.