[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] eggdrop and monitoring

Subject: Re: [cobalt-security] eggdrop and monitoring
From: "Dave~" <cobaltraq4@xxxxxxx>
Date: Wed, 16 Apr 2003 19:20:25 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

----- Original Message -----
From: Michael Stauber
Subject: Re: [cobalt-security] eggdrop and monitoring

> b) Setup an IPtables or IPchains rule which prevents incomming and
> outgoing connections to port 6667. Set it up to log events and monitor your
> kernel logfile for trafic to those ports. The smarter guys might use
different
> ports, but in the end IRC usually runs on 6667. If you block incomming and
> outgoing connections to and from port 6667 then you ought to catch most
> offenders.

While true 6667 is the usuall default port, it is quickly becoming more common
to run on ports 6660 through 7002 and many IRC'ers realize this- especially
since the start of DalNet's problems.  Just my 1.5 cents worth...

Dave~

Follow-Ups:
- Re: [cobalt-security] eggdrop and monitoring
  - From: Michael Stauber

References:
- [cobalt-security] eggdrop and monitoring
  - From: Tik & Klik Internetdiensten
- Re: [cobalt-security] eggdrop and monitoring
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] eggdrop and monitoring
Next by Date: Re: [cobalt-security] Ipchains and dns - my firewall.
Previous by thread: Re: [cobalt-security] eggdrop and monitoring
Next by thread: Re: [cobalt-security] eggdrop and monitoring

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index