From: Gavin Hamill <gdh@acentral.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: smtp
Date: Fri, 14 May 2004 13:28:49 +0100 [thread overview]
Message-ID: <200405141328.49497.gdh@acentral.co.uk> (raw)
In-Reply-To: <BAY15-F11n0swXX1sPt0005ad74@hotmail.com>
On Friday 14 May 2004 13:07, azeem ahmad wrote:
> thanks a lot Mr. Gavin Hamill
> but i have blocked all the port 25 traffic even then the infected ip which
> is 192.168.0.105 is reciving smtp from many ip addresses from out side
> the script i run is as follow
That's fairly comprehensive - I don't think much will be getting through
that :)
You'll be running iptables on a machine with at least 2 network cards, so you
may wish to try tcpdump on both eth0 and eth1 - since you will still likely
be seeing the incoming traffic from the outside listed in the 'tcpdump'
ouput, but no replies should be happening.
Likewise, when you try on the other interface, you may see the LAN machine
trying to send out a lot, but the connections will be failing and there
should be nothing to worry about.
Feel free to post a small amount of 'tcpdump' output if it would help clear
things up?
Cheers,
Gavin.
next prev parent reply other threads:[~2004-05-14 12:28 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-14 12:07 smtp azeem ahmad
2004-05-14 12:28 ` Gavin Hamill [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-05-14 20:11 smtp azeem ahmad
2004-05-14 20:22 ` smtp Alexis
2004-05-14 20:26 ` smtp Gavin Hamill
2004-05-14 18:54 smtp azeem ahmad
2004-05-14 19:47 ` smtp Gavin Hamill
2004-05-14 15:41 smtp azeem ahmad
2004-05-14 15:53 ` smtp Gavin Hamill
2004-05-14 13:19 smtp azeem ahmad
2004-05-14 13:40 ` smtp Gavin Hamill
2004-05-14 11:17 smtp azeem ahmad
2004-05-14 11:37 ` smtp Gavin Hamill
2004-05-14 12:46 ` smtp Antony Stone
2003-01-21 15:24 SMTP Steffen Bisgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200405141328.49497.gdh@acentral.co.uk \
--to=gdh@acentral.co.uk \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.