Alan, alan c wrote:
> thanks. > (I don't run an ftp server). OK. I made this assumption because you had the FTP ports open! > mmm. Since I have reduced the number of peers allowed, the blocking > indications from the firewall have stopped. One of the torrent faq > sites mentioned about the allocated ports being at times overloaded. I > wonder if there were so many peers attempting to use the seed that the > ports (management) worked differently or badly, so that other ports > were being sought, tried, and obviously blocked? That seems a distinct possibility. If you remove your outbound rules this will no longer matter. > I am mystified though about the service names (and associated ports) > at the time. For example one was Gatecrasher (service name) and this > was trying to go out on port 6969 and google indicates this is a > (windows) trojan. There is no fixed usage or ports above 1024. Gatecrasher may well use 6969, but that doesn't mean nothing else will, so I wouldn't worry too much about this. You can be confident that a Windows trojan just will not run on a Linux box! Regards, Tony. -- Tony Arnold, IT Security Coordinator, University of Manchester, IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL. T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039 E: [EMAIL PROTECTED], H: http://www.man.ac.uk/Tony.Arnold -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
