LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-05-2006, 03:58 PM   #1
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 906

Rep: Reputation: 154Reputation: 154
/var/log/syslog dpt=1079


Hi

I'm new to firewalls. However, I'm using Guarddog as a frontend to iptables. Also have a router that has an integral firewall. On Your system has achieved a perfect "TruStealth" rating.On the Gibson Research Corporation Shields up Site my system was given "a perfect "TruStealth" rating.".

However monitoring syslog I get

Quote:
Oct 5 20:23:12 LINUX kernel: ABORTED IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=65.54.183.202 DST=10.0.0.4 LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=20659 DF PROTO=TCP SPT=80 DPT=1079 SEQ=4158834433 ACK=1308299161 WINDOW=0 RES=0x00 ACK RST URGP=0
Which I believe means that the ipaddress 65.54.183.202 has sent a packet from port 80 to my port 1079 which has been aborted at my end. Googling Port 1079 I've found it's called
Quote:
ASPROVATalk
and 65.54.183.202 is the Microsoft Passport Sign In web page. I'd been on hotmail.

My questions are -

what is port 1079 - ASPROVATALK? Do I need to know?
If Shields UP gives me a TruStealth rating have I done all I can to keep people out?

Thanks
 
Old 10-05-2006, 05:26 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
1079 is just the port number your linux box randomly assigned for the outbound communication, and condincidences with existing named ports is of no interest.... so this is you talking to microsoft. anythign else?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/var/log/syslog messages. gbowden Slackware 2 02-25-2006 06:00 PM
Normal /var/log/syslog?? jimdaworm Slackware 2 02-03-2005 10:32 PM
No output to /var/log/messages or ~syslog eelriver Slackware 5 07-18-2004 06:13 AM
/var/log/syslog George666 Slackware 4 03-19-2004 08:34 AM
re: where is /var/log/syslog ergo_sum Red Hat 10 11-04-2003 07:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration