Results 1 to 6 of 6

Thread: Common Incoming TCP/UDP Traffic

  1. #1
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    SC
    Posts
    718

    Common Incoming TCP/UDP Traffic

    I found this link recently and thought I'd share its informational wealth. This is a great explanation and breakdown of all kinds of traffic that you might be seeing in your firewall logs.
    Anyways, it's *loaded* with information on everything from Trojans and Registrar Databases to ICMP traffic and Tracerouting. Check it out.
    (I put it under this forum because it's mainly about Firewall Logs.)

    http://www.robertgraham.com/pubs/firewall-seen.html#1.1
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  2. #2
    Senior Member
    Join Date
    Apr 2003
    Posts
    147
    This looks excellent from what I've read so far. It seems this page would be excellent resource for newbs, and a valuable resource for the experienced.

  3. #3
    Junior Member
    Join Date
    Apr 2003
    Posts
    7
    Thanks, cool link.

  4. #4
    Junior Member
    Join Date
    Nov 2001
    Posts
    12
    Shag Devil,this one newbie thanx you a lot for your effort.walter.

  5. #5
    Quallity link thanks for the info

  6. #6
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    A good link, but unfortunatly not exhaustive! I would not base my sec policy on it ...

    just an example: Evilbots & other IRC's that use port udp/6667 & udp/6668 to rcv/send info from/to the attacker.
    These bots can be easily found in the net or be programmed. Sript kiddies love it...
    [shadow] SHARING KNOWLEDGE[/shadow]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •