On Tue, 2 Oct 2001, Ron DuFresne wrote: } } I suspect this has nothing at all to do with nimda, and has all to do with } someone trying to tunnel IPX through yer firewall, unless there is a new } nimda variant and there has been no news of that. What seems to place the } icing on the cake, is the netware client on the machines in question. } That and the fact that 524 is NOT a standard known TCP/IP port. } } Thanks, } } Ron DuFresne }
See... http://www.novell.com/coolsolutions/netware/features/a_ports_nw5_nw.html It's listed as "ncp" in some systems' /etc/services, probably for "Netware Core Protocol". Jim -- Jim Watt [EMAIL PROTECTED] Applied Biosystems Voice (desk): +1 408 577 2228 3833 North First Street Fax: +1 408 894 9307 San Jose CA 95134-1701 Voice (main): +1 408 577 2200 _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
