IPChains rule.

Hi,

Is it normal for IPChains to automatically include a rule accepting
connections from my secondary NS? I'll try to explain it better.
I was compiling ntop on my Red Hat and suddenly it rebooted (don't know the
reason yet). When it came back I started looking for intruders or nukes or
something. The output of ipchains -L has a line I have never noticed and
don't know if it was there before:

# ipchains -nL | more
Chain input (policy ACCEPT):
target        prot opt        source       destination           ports
ACCEPT  udp  ------   my2ªNS    0.0.0.0/0             53 ->   *
ACCEPT  tcp   ----l-    myHome   0.0.0.0/0             * ->   22

I don't have the first rule in my /etc/sysconfig/ipchains file.

# more /etc/sysconfig/ipchains
:input ACCEPT
:forward ACCEPT
:output ACCEPT
# -A input -p icmp -s 0/0 8 -d myIP 0 -j REJECT
-A input -p tcp -i eth0 -s myHome -d 0/0 22 -l -j ACCEPT

The init-script is equal to the rpm one.

Do I have to worry? Does anybody know what this is?

Thanks,

Bruno.
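
The comparison described in the message above (live `ipchains -nL` listing against the saved rule file), written as a repeatable check. This is an added example, not part of the original post; the function names and the sample addresses (documentation ranges standing in for myHome and the secondary NS) are assumptions, and it assumes the saved file uses numeric addresses in the same form that `-nL` prints.

```shell
# Added example: list rules present in a live `ipchains -nL` listing but
# absent from the saved rule file. Function names are hypothetical.

# Normalize listing rows to: chain target prot src sport dst dport
norm_listing() {
    awk '
        $1 == "Chain" { chain = $2; next }      # "Chain input (policy ACCEPT):"
        $1 == "target" || NF < 8 { next }       # header and non-port rows
        { print chain, $1, $2, $4, $6, $5, $8 } # ports column is "sport -> dport"
    ' "$1"
}

# Normalize "-A chain ..." lines of the saved file to the same form.
norm_saved() {
    awk '
        function addr(a) { return (a == "0/0") ? "0.0.0.0/0" : a }
        $1 != "-A" { next }                     # skips policies and comments
        {
            prot = "all"; src = dst = "0.0.0.0/0"; sp = dp = "*"; tgt = "-"
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") prot = $(++i)
                else if ($i == "-j") tgt = $(++i)
                else if ($i == "-s") { src = addr($(++i)); if (i < NF && $(i+1) !~ /^-/) sp = $(++i) }
                else if ($i == "-d") { dst = addr($(++i)); if (i < NF && $(i+1) !~ /^-/) dp = $(++i) }
            }
            print $2, tgt, prot, src, sp, dst, dp
        }
    ' "$1"
}

# Print every live rule that has no exact counterpart in the saved file.
unsaved_rules() {
    saved=$(norm_saved "$2")
    norm_listing "$1" | while IFS= read -r rule; do
        printf '%s\n' "$saved" | grep -qxF -- "$rule" || printf '%s\n' "$rule"
    done
}

# Constructed sample data modelled on the listing and file in the message.
make_sample() {
cat > "$1/live.txt" <<'EOF'
Chain input (policy ACCEPT):
target        prot opt        source       destination           ports
ACCEPT  udp  ------   192.0.2.53    0.0.0.0/0             53 ->   *
ACCEPT  tcp   ----l-    198.51.100.7   0.0.0.0/0             * ->   22
EOF
cat > "$1/saved.txt" <<'EOF'
:input ACCEPT
-A input -p tcp -i eth0 -s 198.51.100.7 -d 0/0 22 -l -j ACCEPT
EOF
}
```

Run `make_sample DIR` and then `unsaved_rules DIR/live.txt DIR/saved.txt`; on a real host the first argument would be a file holding the output of `ipchains -nL`. Each line printed is a rule that was inserted at runtime by something other than the saved file.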
