Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script
Hello On 2004-11-12 martin f krafft wrote: also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]: I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script for hosts. What an extraordinarily bad idea. You should know what you allow. The problem are those customers. One has a firewall but forgot the password and wants to replace the whole thing. I can, of course, blame him, if he forgets to tell me of a script that fetches data on Port 12345 but it would be easier if I would catch that information and could ask him about this port. So it's just meant as a help. bye, -christian- pgp5sVJUiFS5H.pgp Description: PGP signature
Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script
First, read out aloud the first line of my signature, then read the Debian list policy, then verify the Mail-Followup-To header of my posts, and then do not CC anyone again unless requested. also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.13.1228 +0100]: fetches data on Port 12345 but it would be easier if I would catch that information and could ask him about this port. So it's just meant as a help. With a properly configured firewall, you'll catch this information too. Do you think that your super-customer will have a clue what ports are used by what? Then you end up opening one port too many and the trojan horse is in. But you do as you want/need. I would impose such things on my customers since they purchase managed security with our services. They purchase security because they themselves are incapable. Thus, I would not open up an alley for them to err. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script
Hello I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script for hosts. Does anybody know the name of this tool? bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script
also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]: I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script for hosts. What an extraordinarily bad idea. You should know what you allow. Everything else should be blocked. You can use LOG and scan the kern.log file and selectively add stuff later. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
