>> iptables -A INPUT -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP >> iptables -A FORWARD -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP >> iptables -A OUTPUT -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP > > http://www.linklogger.com/TCP1025.htm Er... that's TCP. But Mohamed is right, look around for some port lists. I don't see 1025/UDP on any of them. E.g. http://www.iss.net/security_center/advice/Exploits/Ports/ doesn't list any particular use for 1025/UDP (or TCP either), except that it's the first user-allocable port, so it's not surprising that some hosts should be using it. So I say get rid of those rules. A.
