Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
08-19-2003, 07:51 AM
|
#1
|
|
Member
Registered: Aug 2003
Location: Lisbon Portugal
Distribution: Red Hat 9
Posts: 55
Rep: 
|
about 4 requests/sec on port 4662
Hello There!
I'm running a firewall software on my redhat 9 machine (Firestarter) and I've noticed that i have about 4 requests per second on port 4662 from internet. That should not be a problem, but this causes a consuption of about 10% of CPU and more. Any any to prevent this?
10x.
|
|
|
|
|
08-19-2003, 10:08 PM
|
#2
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
I would just use Firestarter to add a firewall rule to block that traffic. Port 4662 is eDonkey traffic, so you can safely DROP all the packets destined for port 4662 without being too worried about losing legitimate traffic. Blocking ~4requests/s shouldn't really consume alot of resources.
|
|
|
|
|
08-21-2003, 11:47 AM
|
#3
|
|
Member
Registered: Aug 2003
Location: Lisbon Portugal
Distribution: Red Hat 9
Posts: 55
Original Poster
Rep:
|
yeh. that worked fine, but now I have another 1000 requests to another 1000 ports... GRRR.
10x!
|
|
|
|
|
08-21-2003, 05:24 PM
|
#4
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Hmmmmm. Are they all from the same ip address(es)? It could be that you have some P2P software somewhere on your network. Alot of the newer ones can be nasty in that if the default ports are blocked they will scan all your ports looking for an open alternative. Check and see if you have any users behind the firewall that have installed any P2P clients. If the requests come from a few unique ip addresses then you can specifically DROP traffic from those ip addresses.
|
|
|
|
|
08-21-2003, 06:09 PM
|
#5
|
|
Member
Registered: Aug 2003
Location: Lisbon Portugal
Distribution: Red Hat 9
Posts: 55
Original Poster
Rep:
|
yep. i have a client on the network running kazaa. i'll do that. thanx.
|
|
|
|
|
08-21-2003, 06:14 PM
|
#6
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Damn users. Can't admin with them and you can't beat them to death with their keyboard.
Good Luck!
|
|
|
|
All times are GMT -5. The time now is 09:22 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
