[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] UDP wide open?!?!?



On Thursday 31 October 2002 00.27, Anders Johansson wrote:
<snip>
Also, if I'm reading this correctly

*)
                test "$DONE_ALL" = yes || for CHAIN in input_int input_dmz 
input
_ext; do
                    $LAA $IPTABLES -A $CHAIN -j LOG ${LOG}"-ACCEPT " -p udp 
--sp
ort $j --dport 1024:65535
                    $IPTABLES -A $CHAIN -j "$ACCEPT" -m state --state 
NEW,ESTABL
ISHED,RELATED -p udp --sport $j --dport 1024:65535
                done
                ;;

It looks like if you have anything unrecognized (like "domain" or "ntp") then 
all high udp ports will be open

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here