Server is now firewalled!!

Ka0s

For a long time the forum servers only had port 445 and 135 blocked in my router to keep blaster related shit out... but I finally enabled that XP firewall just so I could see what was going on... there were DOZENS of hits on port 666... I have no idea what it is...


2004-04-06 02:21:22 DROP TCP 143.127.3.10 192.168.0.2 31689 666 60 S 3976135026 0 5840 - - -
2004-04-06 02:21:25 DROP TCP 143.127.3.10 192.168.0.2 31689 666 60 S 3976135026 0 5840 - - -
2004-04-06 02:21:26 DROP TCP 65.94.179.200 192.168.0.2 45372 666 48 S 2998601533 0 64240 - - -
2004-04-06 02:21:28 DROP TCP 65.94.179.200 192.168.0.2 45380 666 48 S 2998601533 0 64240 - - -
2004-04-06 02:21:30 DROP TCP 65.94.179.200 192.168.0.2 45390 666 48 S 2998601533 0 64240 - - -
2004-04-06 02:21:31 DROP TCP 143.127.3.10 192.168.0.2 31689 666 60 S 3976135026 0 5840 - - -


Repeat that about 300 times and you;ll have what I was seeing... so I finally blocked 666 in my router... but I still dont know what it is...


The server also has the XP firewall, which from my testing, actually works.. only the ports I allow to be open are open!


Anyway, just though I'd mention this.

Simba7

Eh.. Ok..

I get hit with all sorts of crap all the time. Blaster doesn't effect me.

Ka0s

Blaster RELATED... theyre LIKE it... they use the same port,... but i have NO idea what 666 is...

Simba7

Maybe a SubSeven hit. When I have my workstation directly connected, I've been getting slammed by it (according to BlackICE).

Did a search on it. Looks like some kind of Back Door client trying to get in. Looks like all the port's good for is trojans and crap.

TCPMeta

The number "666" has obvious connotations. For this reason, it was chosen as the port number for "Doom", a popular 3D "first person shooter" game of the mid-1990s.

Because of the cool connotations, this port number has also been chosen for numerous Trojan Horse/backdoor programs.

Trojan: Attack FTP
http://www.iss.net/security_center/advi ... efault.htm

Ka0s

Well, Norton 2003 runs 24/7 with updated lists... and when I see an unfirmilliar process, I google it.. so thats not on here... its almost like some wierd bot attack.,..

Ka0s

I figured out what it was. I'm sure most of us remember the Fish.NET filesharing network. Well that ran on port 666 using the DNS fishnet.zapto.org... and there were still TONS of requests from people on OpenNap clients like WinMX... its more of an annoyance than a problem... it just makes my router logs HUGE....



Anyway, problem solved.

Q

Well after getting severly slowed by that I think Fish eventually ditched the zapto DNS for the presnet DynDNS one.

-Q

Q

...which got changed to No-IP! Yikes!

-Q

DevilsJim89

Another smart move Fish, the server's always getting better.

Slash

Now it's really fast and stable than ever. Thanks.

Ka0s

Way to bring up an old topic, guys :P


Anyway, The DynDNS works, but isnt running here, cause I know its just going to get taken down again if I have downloads on it. I do plan to bring that and NO-IP back, but I need to think of something to do with the downloads to not have them accessible on the DynDNS.

BOD

.HTACCESS ??

domain security??

DevilsJim89

lol damn i didnt even notice this was an old topic...i thought u just did it! lololz

Mr. Clean

FishNET3000 wrote:

... but i have NO idea what 666 is...

sounds like IBM from beyond the WinBoards Grave

SurfinShell23

If Fish gets that Fiber thing from Verizon, then the server will be really great!

Bash

fiber optic?

If so, that would be amazing if verizon offered that.

SurfinShell23

They will soon... I belive it's in TX now, and they're building the infrastructure up here in NJ.

Mr. Clean

FishNET3000 wrote:

Way to bring up an old topic, guys :P


Anyway, The DynDNS works, but isnt running here, cause I know its just going to get taken down again if I have downloads on it. I do plan to bring that and NO-IP back, but I need to think of something to do with the downloads to not have them accessible on the DynDNS.

WTF, we have rules ppl, but since so many replies have been made we'll let this slide, just dont bring up old threads in the future

SurfinShell23

Why... not?

Mr. Clean

Because its annoying as fucking hell

ps: its in the guidlines not to do it

pps: it's time consuming to continually delete yur new posts in old threads

Q

I'm not going to favour that with a responce, or agreement.

-Q

SurfinShell23

I have always maintained that just because a post is old, it doesn't mean that someone might not be able to enlighten it later on. Or in this case, there was new info.

It's not always bad to bring up old posts in my opinion, though it sometimes is pointless.

Q

Yea I like bringing up old stuff for a GOOD REASON.

I can understand why you'd say "No!" when someone goes back 15 pages and says "This seems to have died!" or "Me too!": those are worthless.

But if there's something contentfull and worthwhile, [CS] yes I'm going to say it, no care if the topics 2 months old or 5 pages back!

-Q

SurfinShell23

Especially in RC, where things get buried so quick. A thing a week or two old would be several pages back.

Mr. Clean

Yes, but if it is like from 2 weeks ago thats pretty old, and most usually irrevalent

Q

Mr. Clean wrote:

most usually irrevalent

But not always.

-Q

SurfinShell23

Mr. Clean wrote:

Yes, but if it is like from 2 weeks ago thats pretty old, and most usually irrevalent

I can think of many resasons things wouldn't be irrelivant from 2 weeks ago... 2 months is starting to get old, 2 years is really old.

Mr. Clean

Grr @ that, Q, Grr @ that. -_-

Ka0s

Mr. Clean wrote:

Grr @ that, Q, Grr @ that. -_-

Quit copying me.

Mr. Clean

Point taken.