On Monday 07 January 2008 12:09, Jay wrote:
> On Mon, 7 Jan 2008, Erich Newell wrote:
> > 1) Why do you have a service listening on this port if you intend to
> > block all traffic to it?
>
> TCP/111 is listening on an internal interface (eth1) but blocked on eth0.
> Lame, but RPC does not seem to
On Monday 07 January 2008 10:12, Jay wrote:
> I have dozens of servers, all of them running the most recent Debian
> stable branch and pretty basic iptables instances. All are working well
> except for two of them... On these two problem servers, iptables seems to
> be intermittently stopping and s
On 1/7/08, Jay <[EMAIL PROTECTED]> wrote:
> On Mon, 7 Jan 2008, Joshua Zeidner wrote:
>
> > using aren't just some UI for Nmap. Is this machine running IP tables
> > some kind of gateway/firewall?
>
>
> I just repeated with good ole' telnet.
you're verifying *what* with telnet exactly? That the
On Mon, 2008-01-07 at 12:52 -0700, Jay wrote:
> On Mon, 7 Jan 2008, Erich Newell wrote:
>
> > How often does this "cycle" back and forth? Can you make any kind of
> > prediction whether or not it will be "up"?
>
>
> I have not been able to accurately predict it, but the cycles seem to be
> any
On Mon, 7 Jan 2008, Joshua Zeidner wrote:
>Is this a custom kernel?
Nope - standard kernel from Debian stable:
# uname -a
Linux server 2.6.18-5-686 #1 SMP Sat Dec 1 22:58:58 UTC 2007 i686 GNU/Linux
--
~Jay
---
PLUG-discuss mailing list -
On Mon, 7 Jan 2008, Erich Newell wrote:
> How often does this "cycle" back and forth? Can you make any kind of
> prediction whether or not it will be "up"?
I have not been able to accurately predict it, but the cycles seem to be
anywhere from a few seconds to a minute or two. I just did 10 scan
On 1/7/08, Jay <[EMAIL PROTECTED]> wrote:
> On Mon, 7 Jan 2008, Joshua Zeidner wrote:
>
> > using aren't just some UI for Nmap. Is this machine running IP tables
> > some kind of gateway/firewall?
>
>
> I just repeated with good ole' telnet. When iptables is not working, I can
> connect, then a few
How often does this "cycle" back and forth? Can you make any kind of
prediction whether or not it will be "up"?
- Erich
--
"A man is defined by the questions that he asks; and the way he goes
about finding the answers to those questions is the way he goes
through life."
-
On Mon, 7 Jan 2008, Joshua Zeidner wrote:
> using aren't just some UI for Nmap. Is this machine running IP tables
> some kind of gateway/firewall?
I just repeated with good ole' telnet. When iptables is not working, I can
connect, then a few seconds later, it is rejected. The servers (the same
On 1/7/08, Jay <[EMAIL PROTECTED]> wrote:
> On Mon, 7 Jan 2008, Joshua Zeidner wrote:
>
> > That is not really a safe assumption. Nmap is not really that
> > accurate of an instrument. If you are concerned for some other
>
>
> I have tried two port scanners (one being nmap, and two versions of n
On Mon, 7 Jan 2008, Shawn Badger wrote:
> I would check netstat during the scan to see if nmap is in fact
> connecting and I would also just watch the iptables service and see if
> you see it go away during the scan. These are just a couple places
> that I would start with.
Unfortunately, alread
I would check netstat during the scan to see if nmap is in fact
connecting and I would also just watch the iptables service and see if
you see it go away during the scan. These are just a couple places
that I would start with.
On Jan 7, 2008 12:12 PM, Jay <[EMAIL PROTECTED]> wrote:
> On Mon, 7 Jan
On Mon, 7 Jan 2008, Joshua Zeidner wrote:
> That is not really a safe assumption. Nmap is not really that
> accurate of an instrument. If you are concerned for some other
I have tried two port scanners (one being nmap, and two versions of nmap
at that), from three source locations. All show
On Mon, 7 Jan 2008, Erich Newell wrote:
> 1) Why do you have a service listening on this port if you intend to
> block all traffic to it?
TCP/111 is listening on an internal interface (eth1) but blocked on eth0.
Lame, but RPC does not seem to have a method of binding the daemon to a
specific i
On 1/7/08, Jay <[EMAIL PROTECTED]> wrote:
>
> I have dozens of servers, all of them running the most recent Debian
> stable branch and pretty basic iptables instances. All are working well
> except for two of them... On these two problem servers, iptables seems to
> be intermittently stopping and s
A few questions:
1) Why do you have a service listening on this port if you intend to
block all traffic to it?
2) Are there any other services that might be exposed if iptables are
reset? or is sunrpc the only one?
3) What logs do you have with normal operation?
I would recommend removing all unn
On Mon, 2008-01-07 at 10:46 -0700, Jay wrote:
> On Mon, 7 Jan 2008, Craig White wrote:
>
> > gee...you're the security expert
>
>
> Perhaps, but that does not make me an expert on the funkiness of every
> piece of security-related software. :)
>
>
> > Do you have something like denyhosts (I
On Mon, 7 Jan 2008, Craig White wrote:
> gee...you're the security expert
Perhaps, but that does not make me an expert on the funkiness of every
piece of security-related software. :)
> Do you have something like denyhosts (I vaguely recall something else
> like it that starts with a 'p') th
On Mon, 2008-01-07 at 10:12 -0700, Jay wrote:
> I have dozens of servers, all of them running the most recent Debian
> stable branch and pretty basic iptables instances. All are working well
> except for two of them... On these two problem servers, iptables seems to
> be intermittently stopping
I have dozens of servers, all of them running the most recent Debian
stable branch and pretty basic iptables instances. All are working well
except for two of them... On these two problem servers, iptables seems to
be intermittently stopping and starting. There is nothing in the system
logs to