-
April 27th, 2003, 09:30 PM
#1
Common Incoming TCP/UDP Traffic
I found this link recently and thought I'd share its informational wealth. This is a great explanation and breakdown of all kinds of traffic that you might be seeing in your firewall logs.
Anyways, it's *loaded* with information on everything from Trojans and Registrar Databases to ICMP traffic and Tracerouting. Check it out.
(I put it under this forum because it's mainly about Firewall Logs.)
http://www.robertgraham.com/pubs/firewall-seen.html#1.1
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
April 27th, 2003, 09:50 PM
#2
This looks excellent from what I've read so far. It seems this page would be excellent resource for newbs, and a valuable resource for the experienced.
-
April 27th, 2003, 11:41 PM
#3
Junior Member
-
April 27th, 2003, 11:46 PM
#4
Junior Member
Shag Devil,this one newbie thanx you a lot for your effort.walter.
-
April 28th, 2003, 12:25 AM
#5
Member
Quallity link thanks for the info
-
April 28th, 2003, 09:07 AM
#6
A good link, but unfortunatly not exhaustive! I would not base my sec policy on it ...
just an example: Evilbots & other IRC's that use port udp/6667 & udp/6668 to rcv/send info from/to the attacker.
These bots can be easily found in the net or be programmed. Sript kiddies love it...
[shadow] SHARING KNOWLEDGE[/shadow]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|