On Friday 04 October 2002 12:25 pm, PayalR wrote: > Hi all, > Thanks a lot for the mails. > > > 161 - snmp - are you managing this system from elsewhere, or is this > > machine the snmp monitor ? UDP 161 only needs to be inbound if this > > machine is being monitored from elsewhere > > Well, I don't know anyting about SNMP thing. But the guys at the server > farm suggested I make some changes as told by them in my snmpd.conf, so > that they say I there will be able to monitor my machine. I guess so I am > just a client SNMP. So, which ports to keep open? UDP 161 inbound - to listen for SNMP commands UDP 162 outbound - to generate SNMP traps > > > Also, nmap shows that 2002/udp globe is open. Shall I close it? > > > > machine already has the Slapper worm on it, since that opens UDP port > > 2002 > > well, my machine had a slapper worm. I removed the .bugtraq file from /tmp. > Now still the port is open. This is very important to me. How do I close > the port???? nmap report says, > 2002/udp open globe > How do I know where and what is globe? How do I shut it? Sorry - don't know - never had Slapper :-) Anyone else here got any experience or pointers ? > > I would recommend setting your OUTPUT chain to ESTABLISHED,RELATED > > do you mean similar to INPUT rule i.e using -m and all? Yes. Antony. -- Behind the counter a boy with a shaven head stared vacantly into space, a dozen spikes of microsoft protruding from the socket behind his ear. - William Gibson, Neuromancer (1984)
