about 4 requests/sec on port 4662

gbg · 08-19-2003, 07:51 AM

Hello There!

I'm running a firewall software on my redhat 9 machine (Firestarter) and I've noticed that i have about 4 requests per second on port 4662 from internet. That should not be a problem, but this causes a consuption of about 10% of CPU and more. Any any to prevent this?

10x.

Capt_Caveman · 08-19-2003, 10:08 PM

I would just use Firestarter to add a firewall rule to block that traffic. Port 4662 is eDonkey traffic, so you can safely DROP all the packets destined for port 4662 without being too worried about losing legitimate traffic. Blocking ~4requests/s shouldn't really consume alot of resources.

gbg · 08-21-2003, 11:47 AM

yeh. that worked fine, but now I have another 1000 requests to another 1000 ports... GRRR.
10x!

Capt_Caveman · 08-21-2003, 05:24 PM

Hmmmmm. Are they all from the same ip address(es)? It could be that you have some P2P software somewhere on your network. Alot of the newer ones can be nasty in that if the default ports are blocked they will scan all your ports looking for an open alternative. Check and see if you have any users behind the firewall that have installed any P2P clients. If the requests come from a few unique ip addresses then you can specifically DROP traffic from those ip addresses.

gbg · 08-21-2003, 06:09 PM

yep. i have a client on the network running kazaa. i'll do that. thanx.

Capt_Caveman · 08-21-2003, 06:14 PM

Damn users. Can't admin with them and you can't beat them to death with their keyboard.
Good Luck!