Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Question about blocking incomming traffic
Special Forums IP Networking Question about blocking incomming traffic Post 302865449 by LMHmedchem on Friday 18th of October 2013 12:27:27 PM
Old 10-18-2013
Thank you for this very informative post. This is what I was looking for. If I read this right, my router will automatically block incoming connections unless I have set up port forwarding to allow it. Further, unless I am running the service that the connection is looking for, the connection would be refused anyway.

I have been to shields up and this system passes all of their tests there, other than the IP of my router being visible. This is the message that I get, "Your system has achieved a perfect "TruStealth" rating. Not a single packet, solicited or otherwise, was received from your system as a result of our security probing tests." I guess that should provide me some peace of mind.

Is there any way for there to be intrusion on port 80, since that will be used for normal internet traffic?

LMHmedchem
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Incomming EmailAttachments

Hello, I have a requirement to accept incoming email attachements on my server to be saved off and processed into a database. I can find lots of information on sending attachments but nothing about handling incomming attachments. I need to be able to test for an attachment, ensure it's ascii and... (1 Reply)
Discussion started by: grhodes
1 Replies

2. IP Networking

blocking DHCP

I've got a legit DHCP server on my network. I've got a 3550 as my VTP server providing 4 vlans to 4 2950 switches. If somebody were to plug into one of those vlans with a DHCP server configured then it would throw off my whole network. How could i block the DHCP server that could plug into the... (2 Replies)
Discussion started by: byblyk
2 Replies

3. Linux

how to configure Linux for incomming connections

I have two computers running red hat, but when i use telnet command in a shell from one to another, it works. but from the other , it does not, it said: refused. i sent the security for incoming connecting, but it still not work . anyone have experience ? thanks vh (1 Reply)
Discussion started by: new23
1 Replies

4. IP Networking

Mac OS X IP traffic shaping question

Not sure if this considered traffic shaping or not, so I'll appreciate the enlightenment... Setup- Mac Pro, Mac OS X 10.5.6, Crashplan Pro Backup server. the Mac Pro has 2 E-net ports, en0, en1. Both E-net ports are connected to the same network, different IP's. Problem- We are planning to... (1 Reply)
Discussion started by: pbenware
1 Replies

5. UNIX for Dummies Questions & Answers

NIC card monitoring traffic question

Folks; I have 2 NIC cards on my SUSE Linux server. One of them was reporting receive errors for a while now it's OK, but i'd like to monitor it. Is there any command i can run to tell me the usage in the past or give me a history of traffic and the speed that going on this specific card? I... (1 Reply)
Discussion started by: Katkota
1 Replies

6. UNIX for Advanced & Expert Users

ps blocking

Hi Folks I have been debugging a script that is called every thirty seconds. Basically it is doing a ps, well two actually, one to file (read by the getline below) and the other into a pipe. The one into the pipe is: - V_SYSVPS=/usr/sysv/bin/ps $V_SYSVPS -p$PIDLIST -o$PSARGS... (0 Replies)
Discussion started by: steadyonabix
0 Replies

7. UNIX for Dummies Questions & Answers

Blocking signals

I know how to add signal to a set. But what if I want to add 2 or 3 signals to the set. I know I can use sigaddset (&set,SIGBUS)....but what if I want to add SIGBUS and SIGALRM at once. Do i have to do it like this.. sigaddset (&set,SIGBUS); sigaddset (&set,SIGALRM); Is there another way to... (0 Replies)
Discussion started by: joker40
0 Replies

8. Solaris

Solaris Question - How to find outgoing traffic on UDP ports

Hello All, I am trying find a command that would show me the stats of outgoing traffic on UPD ports on a Solaris 10 box. I would appreciate if anybody could help me out on this. Thank you much!!! Best Regards Sudharma. (7 Replies)
Discussion started by: sudharma
7 Replies

9. IP Networking

blocking traffic to destination network by port

I am trying to block ALL traffic except when from ports 9100,22,23 to destination network 192.0.0.0 (my WAN): 2 networks 192.0.3.0 with static route to 192.0.0.0 Shouldn't this work?: iptables -A INPUT -p tcp -d 192.0.0.0/24 --dport 22 -j ACCEPT iptables -A INPUT -p tcp -d 192.0.0.0/24... (3 Replies)
Discussion started by: herot
3 Replies

10. Programming

Which are blocking and non-blocking api's in sockets in C ?

among the below socket programming api's, please let me know which are blocking and non-blocking. socket accept bind listen write read close (2 Replies)
Discussion started by: VSSajjan
2 Replies

LEARN ABOUT OPENDARWIN

faith

FAITH(4)						   BSD Kernel Interfaces Manual 						  FAITH(4)

NAME

     faith -- IPv6-to-IPv4 TCP relay capturing interface

SYNOPSIS

     pseudo-device faith [count]

DESCRIPTION

     The faith interface captures IPv6 TCP traffic, for implementing userland IPv6-to-IPv4 TCP relay like faithd(8).

     Special action will be taken when IPv6 TCP traffic is seen on a router, and routing table suggests to route it to faith interface.  In this
     case, the packet will be accepted by the router, regardless of list of IPv6 interface addresses assigned to the router.  The packet will be
     captured by an IPv6 TCP socket, if it has IN6P_FAITH flag turned on and it has matching address/port pairs.  In result, faith will let you
     capture IPv6 TCP traffic to some specific destination addresses.  Userland programs, such as faithd(8) can use this behavior to relay IPv6
     TCP traffic to IPv4 TCP traffic.  The program can accept some specific IPv6 TCP traffic, perform getsockname(2) to get the IPv6 destination
     address specified by the client, and perform application-specific address mapping to relay IPv6 TCP to IPv4 TCP.

     The IN6P_FAITH flag on IPv6 TCP socket can be set by using setsockopt(2), with level equals to IPPROTO_IPV6 and optname equals to IPv6_FAITH.

     To handle error reports by ICMPv6, some of ICMPv6 packets routed to faith interface will be delivered to IPv6 TCP, as well.

     To understand how faith can be used, take a look at source code of faithd(8).

     As faith interface implements potentially dangerous operation, great care must be taken when configuring faith interface.	To avoid possible
     misuse, sysctl(8) variable net.inet6.ip6.keepfaith must be set to 1 prior to the use of the interface.  When net.inet6.ip6.keepfaith is 0, no
     packet will be captured by faith interface.

     faith interface is intended to be used on routers, not on hosts.

SEE ALSO

     inet(4), inet6(4), faithd(8)

     Jun-ichiro itojun Hagino and Kazu Yamamoto, An IPv6-to-IPv4 transport relay translator, internet draft, draft-ietf-ngtrans-tcpudp-
     relay-04.txt, work in progress material.

HISTORY

     The FAITH IPv6-to-IPv4 TCP relay translator was first appeared in WIDE hydrangea IPv6 stack.

BSD
								  April 10, 1999							       BSD
All times are GMT -4. The time now is 04:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy