| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 39569 | 2003-11-10 23:49:00 | How do I find who's been leaching off my proxy? | Chilling_Silently (228) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 190797 | 2003-11-12 05:39:00 | Maybe some of you may need to read this (dictionary.reference.com) My ADSL connection is protected by iptables. It allows all packets out (which is bad, I should really fix this) and it will accept packets back in that are related to existing connections. It drops any other packets. You can find it here: segfault.slackware.co.nz Chill - talk to me on Jabber and I'll do an nmap scan of your machine to see whats open. |
segfault (655) | ||
| 190798 | 2003-11-12 05:49:00 | Sorry dude, my Jabber is bust and I cant work out why :-( Try another IM-Protocol perhaps ;-) I too have iptables running, but its on the machine with the proxy. I've only got 3 ports open now on my Router (Was 4, but I closed 3210 which I was using for my Proxy): SSH FTP HTTP Aside from that, its all locked. |
Chilling_Silently (228) | ||
| 190799 | 2003-11-12 06:00:00 | Well it wasn't me :D I only grabbed acouple of text files when I was talking to you. | PoWa (203) | ||
| 190800 | 2003-11-12 06:03:00 | Errr... Would you mind emailing me otherwise, Chilling_Silence[at]orcon[dot]net[dot]nz I would post my IP on here if you wanted to portscan me.... but that's prolly not a good idea. ive nmap'd myself and it shows telnet and a few others open (on the router) which is probably right. 4 ports, the rest are closed. Chil. |
Chilling_Silently (228) | ||
| 190801 | 2003-11-12 06:05:00 | Hehe.. And I had about 6 random IP's connect to me after that... Dunno who they belong to but they didnt download anything :p | Chilling_Silently (228) | ||
| 190802 | 2003-11-12 06:12:00 | > Hehe.. And I had about 6 random IP's connect to me > after that... I think I was one of the 6 that tried you to see if it was block :D |
stu140103 (137) | ||
| 190803 | 2003-11-12 06:16:00 | > I too have iptables running, but its on the machine > with the proxy. > I've only got 3 ports open now on my Router (Was 4, > but I closed 3210 which I was using for my Proxy): > SSH > FTP > HTTP This might be able to help go to www.grc.com then do a ShieldsUP!( here is a direct link to the test: grc.com ) then you should see what is open & close Hope this helps :) |
stu140103 (137) | ||
| 190804 | 2003-11-12 08:43:00 | If you want to avoid attention you could move SSH, FTP & HTTP to non-standard ports. This is what smoothwall does, where HTTP is port 81, and SSH is 222. It means you won't show up on the general port scans. | bmason (508) | ||
| 190805 | 2003-11-12 08:54:00 | First off; Dont get online unless you are able to master your machines, your connections and ports. People like you, hosting a proxy, making it possible for spammers to use oughta be banned from the net, Sorry! And yes, DO contact the ISPs used , logs you already got. Happy hunting, even tho I doubt anyone will do **** about this...sigh.. |
peter.jonsson (3024) | ||
| 190806 | 2003-11-12 08:54:00 | So you mean like doing that through my Router... Have it taking ports 81 for example and mapping them to port 80 on my PC?! I s'pose so.... Could be interesting training my friend to conntect to my FTp on port whatever.. I s'pose I just throw that on the end of the URL I send them though.. :-) Thanks for the advice, Will do :-) Chill. |
Chilling_Silently (228) | ||
| 1 2 3 | |||||