Hi to everyone.
I have configured my router ( cisco 2511 IOS 11.1) to deny
everything but tcp 25, udp & tcp 53 , tcp 80 .
Still someone has managed to break in . What can I do stop this things ?
Is there somenthing more that I should do ? Because obviously what I have
done up to now has not been enough.
When a type netsat -a I get:
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:pop-3 *:* LISTEN
tcp 0 0 *:finger *:* LISTEN
tcp 0 0 *:53 *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:49 *:* LISTEN
tcp 0 0 *:6000 *:* LISTEN
tcp 0 21001 compu-redes.net.mx:www gdl0253.infosel.ne:1148 ESTABLISHED
tcp 0 11556 compu-redes.net.mx:www gdl0253.infosel.ne:1149 ESTABLISHED
udp 0 0 *:161 *:*
udp 0 0 localhost:53 *:*
udp 0 0 compu-redes.net.mx:53 *:*
udp 0 0 *:53 *:*
udp 0 0 *:syslog *:*
raw 0 0 *:1 *:*
What does the raw connection mean ? Can someone help me out please
? I am getting tired of these people attacking all the time. Or can
someone lead me to where I can get information to stop this ?
Any information will be deeply appreciated.
THANKS!!!!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
