I recently installed portsentry on my Redhat 9 server, to try and secure it a little bit more. It seemed to be doing its job ok, but I noticed after about 3-6 hours when I go to check something on the internet the "host cannot be found" or "name cannot be found". Very strange...
I have had this adsl connection working for months without this problem, everything was fine until portsentry.
I have been getting a high amount of traffic on tcp port 135, which portsentry then blocks. However most of the traffic has come from withtin my service providers network.
I am getting action on port 135 about every 5 minutes.... mostly from comps on the same network as mine, ie the same first three or first two parts of my ip address.
So eventually none of my comps can find www.google.com
When I do traceroute to my nameserver ip it can be found.
I have double checked portsentry.conf and cannot see anything that may be causing this (although I obviously dont know what is causing this problem). In portsentry.ignore I added my local network, nameservers, default gateway etc....
Any ideas anyone.....