From: "Harry Putnam" <[EMAIL PROTECTED]>
> "J. Dow" <[EMAIL PROTECTED]> writes:
>
> > From: "Harry Putnam" <[EMAIL PROTECTED]>
> >
> > > I wanna play in this mess with my nifty log scanning tools but my
> > > hardware firewall just drops the connect attempts on 80. I see them
> > > but I don't get to see the nifty buffer overflow stuff that gets
> > > stuffed in. I run no web server so my hardware just drops the
> > > connections and reports it.
> >
> > Um, build a sacrificial system? Block all outgoing attempts but allow
> > incoming events to pierce the firewall and get logged? I have no urge
> > to play with that so I'm not about to compromise security here.
>
> Far as I know the Code red worm can't infect apache. You mean you
> have no port 80 open? Or do you mean you have no win2000 with 80
> showing?
I have several port 80s open to the internal network. What shows depends
on the name by which the machine was accessed.
Port 80 is blocked incoming from the internet port as are about all other
ports you care to imagine.
{^_-}
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
