[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] UDP wide open?!?!?

On Thursday 31 October 2002 00.27, Anders Johansson wrote:
Also, if I'm reading this correctly

                test "$DONE_ALL" = yes || for CHAIN in input_int input_dmz 
_ext; do
                    $LAA $IPTABLES -A $CHAIN -j LOG ${LOG}"-ACCEPT " -p udp 
ort $j --dport 1024:65535
                    $IPTABLES -A $CHAIN -j "$ACCEPT" -m state --state 
ISHED,RELATED -p udp --sport $j --dport 1024:65535

It looks like if you have anything unrecognized (like "domain" or "ntp") then 
all high udp ports will be open

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here