Re: [SLUG] inbound connection attempt gets past hw firewall

From: Eben King (eben1@tampabay.rr.com)
Date: Mon May 23 2005 - 12:45:14 EDT

Next message: perthie: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Previous message: NNEKWU OJOH.: "DIAMONDS FOR SALE AND INVESTMENT."
In reply to: Sick Twist: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Next in thread: perthie: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Mon, 23 May 2005, Sick Twist wrote:

> >From: Eben King <eben1@tampabay.rr.com>
> >Reply-To: slug@nks.net
> >To: slug@nks.net
> >Subject: Re: [SLUG] inbound connection attempt gets past hw firewall
> >Date: Mon, 23 May 2005 11:24:39 -0400 (EDT)
> >
> >On Mon, 23 May 2005, Sick Twist wrote:
> >
> > > My home linux box is hooked up to a Linksys BEFSR41 which is behind a
> > > Linksys RT31P2. I noticed that Firestarter detected and blocked an
> > > inbound connection attempt on port 40379. It appears as though this
> > > attempt got past the hardware firewall on the RT31P2. I have a few
> > > ports being forwarded on the hw firewall but 40379 is not one of them.
> > > Am I missing something?
> >
> >The caller is ON YOUR LAN! GET OUT!
>
> I don't understand. Do you mean the intruder is on a local PC? It's just a
> small home network in my apartment. Only two computers are running at the
> moment (my linux box and a windows 2000 box).

It's a parody of a line from a recent horror movie. Victim receives
threatening call, calls operator, and is informed that the call's coming
from within the house and that she should leave.

Likewise, a possible explanation for the offending packet is that it
originated on your LAN (or even from your machine). Maybe some spyware or a
worm? I wouldn't worry about it too much unless it recurs. What was its
source address?

Here's some information:

http://www.securityreference.com/computers/ports/40000/40379.html

-- -eben ebQenW1@EtaRmpTabYayU.rIr.OcoPm home.tampabay.rr.com/hactar He who will not reason is a bigot; he who cannot is a fool; and he who dares not is a slave. -Sir William Drummond

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.

Next message: perthie: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Previous message: NNEKWU OJOH.: "DIAMONDS FOR SALE AND INVESTMENT."
In reply to: Sick Twist: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Next in thread: perthie: "Re: [SLUG] inbound connection attempt gets past hw firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:05:26 EDT