Joerg Mertin wrote:
>
> Now - Is there a specific reason why you actually lock/blacklist the
> following ports ?
>
> - udp 1024:1033,1434
> - tcp 57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898
>
> These should IMHO be blocked by the outside world already through the
> default policies. Or has it rather something to do with making sure no
> requests go from the Laptop to the outside world through these ports ?

Probes on those ports are very common. By blacklisting them (with
BLACKLIST_LOG_LEVEL=""), I avoid the log clutter that would otherwise result.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
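
An added example, not part of the original thread: a small script that estimates how much log clutter the blacklist described in the reply removes, by splitting firewall log entries into those hitting the quoted ports and those that would still be logged. It assumes the default Shorewall log prefix and the standard netfilter `PROTO=`/`DPT=` fields; the log lines are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Port lists exactly as quoted in the thread (Shorewall syntax: "lo:hi" is a range).
BLACKLISTED = {
    "udp": "1024:1033,1434",
    "tcp": "57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898",
}

def expand_ports(spec):
    """Expand a port list such as '1024:1033,1434' into a set of ints."""
    ports = set()
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

SILENCED = {proto: expand_ports(spec) for proto, spec in BLACKLISTED.items()}
# ICMP entries carry no DPT field, so they never match and are skipped.
FIELDS = re.compile(r"\bPROTO=(\w+)\b.*?\bDPT=(\d+)\b")

def split_log(lines):
    """Return (silenced, remaining) Counters keyed by (proto, dport)."""
    silenced, remaining = Counter(), Counter()
    for line in lines:
        m = FIELDS.search(line)
        if not m:
            continue
        proto, dport = m.group(1).lower(), int(m.group(2))
        # The match is per protocol: tcp/1026 is NOT covered by the udp range.
        bucket = silenced if dport in SILENCED.get(proto, ()) else remaining
        bucket[(proto, dport)] += 1
    return silenced, remaining

# Constructed sample entries using documentation addresses.
PREFIX = "Jan 10 08:01:02 laptop kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 "
SAMPLE = [PREFIX + tail for tail in (
    "PROTO=TCP SPT=4021 DPT=1433 SYN",
    "PROTO=UDP SPT=1050 DPT=1026 LEN=492",
    "PROTO=UDP SPT=1051 DPT=1434 LEN=384",
    "PROTO=TCP SPT=4022 DPT=22 SYN",
    "PROTO=TCP SPT=4023 DPT=1026 SYN",
    "PROTO=TCP SPT=4024 DPT=1433 SYN",
    "PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1",
)]

if __name__ == "__main__":
    silenced, remaining = split_log(SAMPLE)
    total = sum(silenced.values()) + sum(remaining.values())
    print(f"{sum(silenced.values())}/{total} entries would no longer be logged")
    print("still logged:", dict(remaining))
```

Run against a real firewall log, the "still logged" entries are the ones worth reading once the common probe ports are silenced.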
