On Monday 05 April 2004 11:59 am, __ Radien__ wrote:
> here is just the table and may not be viewed well in my last post:
Okay, thanks, here are my comments on just the table again, since it is much
easier to read now :)
> Conn.State -s -d --proto -sport -dport SYN ACK
>
> New out web_server tcp <1024 80 Yes No
> Established web_server out tcp 80 <1024 Yes No
That should be "Yes Yes" at the end, I think.
> Established out web_server tcp <1024 80 No Yes
> Established web_server out tcp 80 <1024 No Yes
All the client connections are shown as using ports <1024 - that should be
"usually >1024", but even that isn't a certainty. You should allow for
clients using any port number at all.
Regards,
Antony.
--
If the human brain were so simple that we could understand it,
we'd be so simple that we couldn't.
Please reply to the list;
please don't CC me.
