elvene wrote:
>
> Jeff, Thanks for the quick response.
>
> My firewall is a NAT, and does have an HTTP proxy on it. But I do not
> use the 192.168.27.X address space anywhere, and I am seeing several
> dozens of different source addresses on these packets - none of which I
> use (all in the 192.168.X.X range). It looks as though someone is
> trying a brute force 192.168.(ALL):80 --> (Firewall):(All ports) scan.

If you are using (for example) 192.168.10.0/24, you should have something to
block all input from 192.168.0.0/16 on the external interface, then allow
masquerading of 192.168.10.0/24 to 0/0. The author of
ipchains-firewall-current.tar.gz (from freshmeat) has it pretty well step by
stepped.
Blue skies.... Todd
--
Most traditional Pee-Cee user groups, I've noticed, function mainly as
commiseration societies for people who've bought lousy hardware, are
struggling and wasting time trying to deal with it, and want to exchange
coping-strategy tips with others in the same boat. -- Rick Moen
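
The rule order described in the reply above, written out as ipchains commands. This is an added example, not part of the original message and not taken from ipchains-firewall-current.tar.gz; the interface name `eth0` and the dry-run wrapper are assumptions, and the two networks are the ones named in the reply.

```shell
#!/bin/sh
# Added example: anti-spoofing plus masquerading with ipchains (Linux 2.2).
# Prints the rules by default; APPLY=1 (as root, on a host that has ipchains)
# loads them.

EXT_IF="${EXT_IF:-eth0}"                  # assumed Internet-facing interface
INT_NET="${INT_NET:-192.168.10.0/24}"     # the inside network actually in use
SPOOF_NET="${SPOOF_NET:-192.168.0.0/16}"  # never valid as a source from outside

# Emit the rule set, one command per line, in the order it should be loaded.
build_rules() {
    # Insert at position 1 so the check runs before any existing ACCEPT rule
    # on the input chain. Packets arriving on the external interface with a
    # 192.168.x.x source are spoofed or misrouted: deny and log them (-l).
    echo "ipchains -I input 1 -i $EXT_IF -s $SPOOF_NET -d 0/0 -l -j DENY"
    # Forward nothing unless a rule says so ...
    echo "ipchains -P forward DENY"
    # ... and masquerade only the real inside network on its way out of the
    # external interface (-i on the forward chain is the outgoing interface).
    echo "ipchains -A forward -i $EXT_IF -s $INT_NET -d 0/0 -j MASQ"
}

# Dry run unless APPLY=1; sh -e stops at the first command that fails.
apply_rules() {
    if [ "${APPLY:-0}" = "1" ]; then
        build_rules | sh -e
    else
        build_rules
    fi
}

apply_rules
```

Because the DENY rule carries `-l`, packets like the ones in the quoted report show up in the kernel log with their claimed source address instead of reaching any port on the firewall.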