Broadband Security - Mandriva

This is a discussion on Broadband Security - Mandriva ; Jim Beard wrote: > Robert M. Riches Jr. wrote: >> I want to know who gave permission to the politicians to >> mess around with the clocks! :-( > > Seems to me that was arms industry executives in WW-II. ...

+ Reply to Thread
Page 6 of 7 FirstFirst ... 4 5 6 7 LastLast
Results 101 to 120 of 130

Thread: Broadband Security

  1. Re: Broadband Security

    Jim Beard wrote:

    > Robert M. Riches Jr. wrote:
    >> I want to know who gave permission to the politicians to
    >> mess around with the clocks! :-(

    >
    > Seems to me that was arms industry executives in WW-II.
    > Asking workers to come in at 0400 or 0500 was not well
    > received, but if the clocks could be moved a couple of
    > hours things would start closer to sunrise and the
    > second shift would have more daylight hours.
    >
    > Once it had been done once, lots of people decided it
    > would be nifty to keep doing it.
    >


    In the UK Daylight Saving Time was first used during World War I (in 1916).

    http://www.nmm.ac.uk/server/show/ConWebDoc.21523


    Jim


  2. Re: Broadband Security

    On Wed, 20 Jun 2007 17:01:33 -0400, David W. Hodgins wrote:

    > daylight
    > savings time.


    Daylight SavinG Time. We are saving the daylight, not savings it. See

    http://www.energy.ca.gov/daylightsaving.html "More About Time," 2/3 down
    the page;
    http://webexhibits.org/daylightsaving/b.html "Spelling and Grammar"
    paragraph;
    http://www.energy.ca.gov/daylightsaving.html;

    and numerous other references including the bottom of the inside front
    cover of the World Almanac and Book of Facts.

    Sorry to rant on this but whenever I see this locution it makes all the
    little hairs on my plot stand on end, which I find very unpleasant.

    Thank you.

    --
    Gary G. Taylor * Pomona, CA * 34.074630N 117.754195W
    knotgary at knotdonavan dot org http : // www.donavan.org
    "The two most abundant substances in the Universe are hydrogen
    and stupidity." --Frank Zappa, R.A. Heinlein and many others



  3. Re: Broadband Security - cron/anacron conflict resolved

    On 2007-06-20, Adam wrote:
    >
    > This makes things a LOT easier. All I have to do is schedule anacron to
    > run both at startup and during the night (either before 1 AM or on/after
    > 3 AM). Then if my system's on during the night, the anacron jobs will
    > be run during the night. If I restart my system later the same day,
    > anacron will run as part of startup and see that the jobs have already
    > been done that day. If my system isn't on all night, then all the
    > anacron jobs will be run at the next startup, leaving me with a sluggish
    > computer for a while, but that won't happen very often, and at least all
    > the vital tasks will get done.


    Unless my seven years experience has led me astray, that
    sort of thing is taken care of automagically by the default
    setups for anacron and such. I have one machine that stays
    on 24/7 and two others that are powered up only when
    actually being used. On the latter machines, anacron runs
    tripwire a few minutes after they power up. On the former
    machine, anacron or cron runs tripwire in the wee hours of
    the morning at the same time each day, and I didn't have to
    tweak anything to have that happen.

    --
    Robert Riches
    spamtrap42@verizon.net
    (Yes, that is one of my email addresses.)

  4. Re: Broadband Security

    On Wed, 20 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    , Adam wrote:

    >Moe Trin wrote:


    >> I don't use anacron, but my understanding is that anacron only runs jobs
    >> a specified amount of time after power on, and it doesn't know anything
    >> about wall-clock time.

    >
    >You're right about anacron. I think I can put something together using
    >cron, anacron, at, and the timestamps in /var/spool/anacron/cron.* that
    >will run jobs at 4 AM if possible, otherwise soon after next powerup.


    I'd just use the normal {vixie|dillon}-cron for stuff that has to run
    at a given time each day, and use anacron for the other stuff that runs
    less often. They are using separate crontabs, and there's nothing that
    prevents you from running both at the same time.

    >> Have you looked at "The Linux System Administrators' Guide" from the LDP?

    >
    >Not yet, but I've downloaded it and will look at it. Thanks!


    In your Copious Free Time (tm), there are several other books on the LDP
    that are worth reading. We've already mentioned th ABS guide.

    Old guy

  5. Re: [OT] Broadband Security

    On Wed, 20 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    , Adam wrote:

    >Moe Trin wrote:


    >> I was disappointed with the movie - the "special effects" with the strange
    >> color sequences didn't do it for me.

    >
    >I've heard about the colors in that movie -- never seen it (or a stage
    >production), just read the script and heard the OBC album.


    Your neighborhood video rental joint (or public library) doesn't have it???

    >There's a local theater that shows a classic film (35 mm, big screen)
    >most months, so maybe it will come around to there.


    I can't remember if it was available on 35 mm - I _thought_ it was
    on a larger format film.

    Old guy

  6. Re: [OT] Broadband Security

    On Wed, 20 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    <%edei.4626$Sm5.3433@trndny04>, Adam wrote:

    >If it moves and it's not supposed to, use duct tape. If it's supposed
    >to move and doesn't, use WD-40.


    Otherwise, paint it - like those rocks artistically arranged out in
    front of base headquarters

    >Recently I was looking over some of my father's slides from 1959-1961.
    >Most of the Ektachromes had turned into monochrome, various shades of
    >rust-brown. On a few of them, it was possible to guess at what the
    >original colors had been.


    Wonder why - the very limited amount of slides that I have from that
    era are fine.

    >All the Kodachromes still looked great. This is all on film bought at
    >retail, and processed by Kodak.


    Weird - I didn't do that much color back then, but nearly all of it was
    slides. I was using Ektachrome, High-Speed Ektachrome, and Kodachrome
    depending. The stuff was generally processed commercially, as I couldn't
    afford that much (E3 at that time - maybe US$90/month).

    >For class, I shot one roll with an Argus C3 ("brick"), and now I
    >understand why so many people traded it in.


    I seem to recall that I had one of those turkies - and sold it when I
    got my Edixa.

    Old guy

  7. Re: Broadband Security


    > On Wed, 20 Jun 2007 17:01:33 -0400, David W. Hodgins wrote:
    >> daylight
    >> savings time.

    >

    Gary G. Taylor wrote:
    > Daylight SavinG Time. We are saving the daylight, not savings it.


    But it is a time of daylight savings. Of course, one could demand
    a hyphen, and observe that it is non-standard at the very least.

    > Sorry to rant on this but whenever I see this locution it makes all the
    > little hairs on my plot stand on end, which I find very unpleasant.


    I believe language should be held to standards appropriate for
    where/when it is used. On this forum, if people understand what
    I intend, I consider that adequate. And the little hairs on your
    plot may stand in any manner they wish. That is your problem, not
    mine.

    Cheers!

    jim b.

    --
    UNIX is not user-unfriendly; it merely
    expects users to be computer-friendly.

  8. Re: Broadband Security - cron/anacron conflict resolved

    Robert M. Riches Jr. wrote:
    > Unless my seven years experience has led me astray, that
    > sort of thing is taken care of automagically by the default
    > setups for anacron and such. I have one machine that stays
    > on 24/7 and two others that are powered up only when
    > actually being used. On the latter machines, anacron runs
    > tripwire a few minutes after they power up. On the former
    > machine, anacron or cron runs tripwire in the wee hours of
    > the morning at the same time each day, and I didn't have to
    > tweak anything to have that happen.


    Thanks, Robert. You know, you're right! Let's see... just "thinking
    out loud" here...

    Daily tasks: if my system is on at 4:02 AM (or whatever time is in
    /etc/crontab), cron will do all the daily tasks and set anacron's
    datestamp to the current day. If my system isn't on at 4:02 AM, anacron
    will do them at the next startup, and set the datestamp to the current
    day. The only problem I can see is that if I start (or restart) Linux
    between midnight and 4:02 AM, anacron will do the tasks as part of
    startup (since it's a new day), then they'll get done again at 4:02 AM
    by cron. That may be a waste of computing resources but otherwise
    shouldn't be a real problem.

    Weekly tasks: same thing. I think /etc/crontab has them set for 4:22 AM
    Sunday, so if I startup between 00:00 Sunday and 04:22 Sunday, they'll
    get run twice. Not a real problem.

    Monthly tasks: Default, cron does them at 4:42 AM on the 1st of each
    month, while anacron does them if they haven't been done in the past 30
    days. I think /etc/anacrontab should have a "31" there. Otherwise,
    cron will next do those tasks at 4:42 AM on Sunday, July 1. On July 31,
    anacron will calculate that it's been 30 days and do them again. OTOH
    if they're done on February 1, cron will kick in March 1, ensuring that
    they're done once and only once every month. (Unless, of course, I
    happen to (re)start the system between midnight and 4:42 AM on the first
    Sunday of the month.)

    Conclusion: Change 30 to 31 in anacrontab, fiddle with the start times
    in crontab (but not between 01:00 and 02:59!) and delay times in
    anacrontab if I want to, but basically just put all my
    daily|weekly|monthly tasks into /etc/cron.daily|weekly|monthly and
    everything will get done when it's supposed to, or as soon afterwards as
    possible.

    Thanks again, Robert, for helping me reason this thing out. It's kind
    of nice to see all this complicated reasoning lead to a simple solution!

    Adam

  9. Re: Broadband Security

    Moe Trin wrote:
    > I'd just use the normal {vixie|dillon}-cron for stuff that has to run
    > at a given time each day, and use anacron for the other stuff that runs
    > less often. They are using separate crontabs, and there's nothing that
    > prevents you from running both at the same time.


    As I reasoned out in my prior post to Robert M. Riches Jr., it looks
    like all I have to do is put my tasks in /etc/cron.daily|weekly|monthly
    as appropriate, and either cron will do them at the desired time, or
    anacron will do them as soon afterwards as possible. A lot of reasoning
    and I end up with the most obvious conclusion!

    > In your Copious Free Time (tm), there are several other books on the LDP
    > that are worth reading. We've already mentioned the ABS guide.


    Yes, I have the LDP bookmarked. It's already on my Copious Free Time
    list. Right now top priorities are writing the various security scripts
    for cron/anacron (e.g. aide), and telling everyone and everything about
    my new e-address. I think that's all that's left to do from the almost
    overwhelming "switch to broadband" project.

    Adam

  10. Re: [OT] Broadband Security

    I'm combining both "[OT] Broadband Security" threads here, since they
    both have absolutely nothing to do with broadband security.

    Moe Trin wrote:
    [movie "South Pacific"]
    > I can't remember if it was available on 35 mm - I _thought_ it was
    > on a larger format film.


    According to http://us.imdb.com/title/tt0052225/technical it was filmed
    in both 35mm and 65mm and released in Cinemascope (35mm) and Todd-AO
    (70mm), but I suspect actual filming was in 65mm only. The movie
    "Oklahoma!" was actually filmed twice -- usually mornings in Todd-AO,
    and the same scenes in the afternoon on more conventional equipment (
    http://us.imdb.com/title/tt0048445/alternateversions ). I was on a
    mailing list that had quite a discussion about this, and the overall
    consensus was that the performances in Todd-AO were "fresher" and a
    trifle better.

    >> Most of the Ektachromes had turned into monochrome, various shades of
    >> rust-brown.

    >
    > Wonder why - the very limited amount of slides that I have from that
    > era are fine.


    There are even Ektachromes I've shot (late 1970s) where the colors
    aren't as bright as they used to be.

    We mentioned cats earlier in this thread. There's a photo of me with a
    famous cat at http://mhvlug.org/AdamRubin -- one Brownie point to the
    first person who can give the name of the cat.

    Adam

  11. Re: Broadband Security

    On Fri, 22 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    <9PFei.8851$Sm5.7434@trndny04>, Adam wrote:

    >As I reasoned out in my prior post to Robert M. Riches Jr., it looks
    >like all I have to do is put my tasks in /etc/cron.daily|weekly|monthly
    >as appropriate, and either cron will do them at the desired time, or
    >anacron will do them as soon afterwards as possible. A lot of reasoning
    >and I end up with the most obvious conclusion!


    The last time I looked at anacron, it looked as if it only ran jobs that
    were specified in /etc/anacrontab which has quite a different format from
    either the vixie-cron or dillon-cron /etc/crontab. Also, anacron was
    looking at /var/spool/anacron/* to decide whether or not to run the jobs
    (timestamp files). But then, the standard cron daemons also don't know
    about /etc/cron.* - which started out as a Debian thing. You may have
    to have the regular cron daemon kick the appropriate anacron timestamp
    file if it runs the jobs for some reason.

    >> In your Copious Free Time (tm), there are several other books on the
    >> LDP that are worth reading. We've already mentioned the ABS guide.


    Incidentally, the ABS guide was recently revised - now on version 5.0
    which was released earlier this month. I haven't had time to go through
    it yet.

    >Yes, I have the LDP bookmarked. It's already on my Copious Free Time
    >list.


    Problem is that list can get awfully large.

    Old guy

  12. Re: Broadband Security

    Moe Trin wrote:
    > The last time I looked at anacron, it looked as if it only ran jobs that
    > were specified in /etc/anacrontab


    At least in Mandriva 2007.0, anacrontab uses the lists from
    /etc/cron.daily|weekly|monthly, and the first job in each of those
    directories is to update anacron's date stamp. So whatever I put it
    /etc/cron.daily|weekly|monthly will either get executed by cron at the
    appropriate time, or by anacron at the next appropriate startup.

    I ran into another result of all this broadband security. I was trying
    to access my LUG's mailing list archives online. For some reason the
    web pages use port 444, and with all my broadband security measures I
    couldn't get it. I actually had to use my dialup ISP to get to it.
    I'll have to figure some way around this.

    Adam

  13. Re: Broadband Security

    On Sun, 24 Jun 2007 17:08:21 GMT, Adam wrote:
    >
    > I ran into another result of all this broadband security. I was trying
    > to access my LUG's mailing list archives online. For some reason the
    > web pages use port 444, and with all my broadband security measures I
    > couldn't get it. I actually had to use my dialup ISP to get to it.
    > I'll have to figure some way around this.


    should be an easy line in /etc/shorewall/rules. If you cannot
    understand the comments in the file, you should be able to add it with
    webmin, if you have it installed.

  14. Re: Broadband Security

    On Sun, 24 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    <9yxfi.1262$t95.1257@trndny01>, Adam wrote:

    >Moe Trin wrote:
    >> The last time I looked at anacron, it looked as if it only ran jobs that
    >> were specified in /etc/anacrontab

    >
    >At least in Mandriva 2007.0, anacrontab uses the lists from
    >/etc/cron.daily|weekly|monthly, and the first job in each of those
    >directories is to update anacron's date stamp.


    That's a "local" addition by the rpm package creator. The source tarball
    has the anacrontab manpage, but no actual crontab or anacrontab file.

    >I ran into another result of all this broadband security. I was trying
    >to access my LUG's mailing list archives online. For some reason the
    >web pages use port 444


    444/tcp Simple Network Paging Protocol

    gotta love it. Well, this is merely the "well known" port registered for
    that particular service - nothing requires that it be the only use.

    >and with all my broadband security measures I couldn't get it. I
    >actually had to use my dialup ISP to get to it. I'll have to figure
    >some way around this.


    Off the top of the head, I can't think of a specific reason to be
    blocking 444/tcp outbound. For a first look, I'd run tcpdump and
    see what if anything the packets have to say. If it's disappearing down
    a black hole, my next step would be to use hping2, hping3, or
    tcptraceroute to see where things are being dropped.

    [compton ~]$ whatis hping2 hping3 tcptraceroute
    hping2 (8) - send (almost) arbitrary TCP/IP packets to network hosts
    hping3 (8) - send (almost) arbitrary TCP/IP packets to network hosts
    tcptraceroute (8) - A traceroute implementation using TCP packets
    [compton ~]$

    Old guy

  15. Re: Broadband Security

    Bit Twister wrote:
    > should be an easy line in /etc/shorewall/rules. If you cannot
    > understand the comments in the file, you should be able to add it with
    > webmin, if you have it installed.


    /etc/shorewall/rules has

    INCLUDE rules.drakx

    and Mandriva had already created a /etc/shorewall/rules.drakx that
    looked like:

    ACCEPT net fw tcp 444 -

    and I was still getting a network timeout on the page.

    I took some guesses and ended up with a rules.drakx that looked like this:

    #ACCEPT net fw tcp 444 -
    #ACCEPT net fw tcp - -
    #ACCEPT net fw tcp - 444
    #ACCEPT net fw tcp 444 444
    #ACCEPT net all tcp 444 444
    #ACCEPT all all all - -
    #ACCEPT all all tcp 444 444

    so I uncommented one line at a time, restarted shorewall and browser
    each time, tried to load https://lists.mhvlug.org:444/wws/arc/mhvlug ,
    and eventually got a network timeout, each time.

    Then I tried webmin. I got to the first screen, but then it kept giving
    me "The connection was refused when attempting to contact
    localhost:10000." What am I missing? Thanks!

    Adam

  16. Re: Broadband Security

    On Wed, 27 Jun 2007 02:15:34 GMT, Adam wrote:

    > /etc/shorewall/rules has
    >
    > INCLUDE rules.drakx
    >
    > and Mandriva had already created a /etc/shorewall/rules.drakx that
    > looked like:
    >
    > ACCEPT net fw tcp 444 -


    Then I'll have to guess you played with it through the Mandriva
    Control Center.

    That line says to allow any net (WAN nic) connection to get into the box
    using tcp on port 444.

    I'll suggest, putting the line in rules and deleting
    the line from rules.drakx.

    While in /etc/shorewall/rules, do read the comments.

    Then you play with rules from webmin.

    > Then I tried webmin. I got to the first screen, but then it kept giving
    > me "The connection was refused when attempting to contact
    > localhost:10000." What am I missing? Thanks!


    Well if you used MCC or urpmi webmin to install webmin, then
    https://localhost:10000/
    should have worked. click up a terminal
    su - root
    service webmin restart

    If you like you can install wireshark on the shorewall box with
    urpmi --wget wireshark --auto
    and use it to watch what is happening.

    I assume the shorewall box is lists.mhvlug.org and you are running
    your browser on lists.mhvlug.org trying to connect to webmin.


  17. Re: Broadband Security -- website on port 444 SOLVED

    Bit Twister wrote:
    [snip]

    The problem: I couldn't access
    https://lists.mhvlug.org:444/wws/arc/mhvlug -- I eventually got a
    timeout when I tried. Mucking around with shorewall, mcc, and webmin
    didn't help any. Then I ran into other problems, and it took a few days
    to solve those.

    Anyway, I found out why I couldn't connect to that website that was on
    port 444. I tried accessing it without using Linux at all, and still
    couldn't access it, so the problem wasn't with anything on Linux. It
    turned out to be the DSL router's firewall, which was set to send and
    receive only from standard ports, unless there was a rule specifying
    otherwise. I wrote a rule to allow outbound connections on port 444,
    and that solved it.

    I still have to fix being unable to connect with Seamonkey using DSL
    (Konqueror works ok), which explains the odd headers of this post. But
    at least I can now get to that website on port 444, and know what to do
    if I find another website that uses a non-standard port. Thanks, Bit
    Twister and everybody, for your help with this!

    Adam
    --
    Email: adam seven zero seven AT verizon DOT net

  18. Re: Broadband Security

    Moe Trin wrote:
    >> At least in Mandriva 2007.0, anacrontab uses the lists from
    >> /etc/cron.daily|weekly|monthly, and the first job in each of those
    >> directories is to update anacron's date stamp.

    >
    > That's a "local" addition by the rpm package creator. The source tarball
    > has the anacrontab manpage, but no actual crontab or anacrontab file.


    Then that must be one of the things added by Mandriva. Convenient,
    though -- just have to add a job to /etc/cron.daily|weekly|monthly, and
    cron and anacron will make sure it gets run.

    > Off the top of the head, I can't think of a specific reason to be
    > blocking 444/tcp outbound.


    See my "SOLVED" message in this thread. Port 444 outbound was being
    blocked because my DSL router was set to allow only the standard ports,
    unless there was a rule allowing otherwise. So I added a rule to my
    router to allow port 444 outbound, and that solved it.

    Adam
    --
    Email: adam seven zero seven AT verizon DOT net

  19. Re: Broadband Security

    On Fri, 29 Jun 2007, in the Usenet newsgroup alt.os.linux.mandriva, in article
    <138ahtkl9rnd882@corp.supernews.com>, Adam wrote:

    >Moe Trin wrote:


    >> That's a "local" addition by the rpm package creator. The source tarball
    >> has the anacrontab manpage, but no actual crontab or anacrontab file.

    >
    >Then that must be one of the things added by Mandriva.


    Most likely. It should be mentioned in the .spec file that is part of
    the source rpm.

    >Convenient, though -- just have to add a job to
    >/etc/cron.daily|weekly|monthly, and cron and anacron will make sure it
    >gets run.


    Hopefully, it's also documented as the way to do things. All to many
    popular distributions create these non-standard solutions (with each
    distribution doing it differently), set them up with what they consider
    to be standard jobs, and leave it at that.

    >> Off the top of the head, I can't think of a specific reason to be
    >> blocking 444/tcp outbound.

    >
    >See my "SOLVED" message in this thread. Port 444 outbound was being
    >blocked because my DSL router was set to allow only the standard ports,


    "standard ports" meaning

    >unless there was a rule allowing otherwise. So I added a rule to my
    >router to allow port 444 outbound, and that solved it.


    For a firewall, there are three very simple rules you should be
    following when trying to configure them:

    #1 - If you don't know what it is, block it, and see if anything breaks.

    #2 - If while denying the connection, nothing breaks, then you didn't
    need that.

    #3 - If the firewall appears to have 'broken' some function or service,
    look in the logs, and identify the specific problem. What specifically is
    being rejected? Then figure the smallest hole that will fix that problem.

    HOWEVER - these rules _NORMALLY_ are applied to _incoming_ connections,
    and much less often outgoing. The reason is relatively simple. You are
    supposed to have some clue what servers you are running on your own
    system. But as an equally general rule of thumb, you _won't_ know
    exactly what all ports some remote system will be running services on.
    There is a "standard list" at http://www.iana.org/assignments/port-numbers
    that lists some 5000 TCP and 5000 UDP port number relationships. Ports 1
    to 1023 are so-called Well Known Ports. These ports are used by common
    services - whether that be 'discard' (port 9 - anything sent here is
    discarded), smtp (mail transfer on 25), domain (DNS on 53) and so on.
    This is to give a common place to _look_ for specific services. Ports
    1024 to 49151 are the "registered" ports, and are used in a similar
    manner, though less 'cast in stone'. The services that may run on these
    ports are not controlled by IANA (meaning there is no RFC defining the
    service and how it works), and for the most part can be used by ordinary
    user processes or programs executed by ordinary users. These ports are
    also used by client processes to initiate connections to "server" ports.
    Just to round things out, ports 49152 - 65536 are the "dynamic" or
    "private" ports, that IANA does not define.

    Not withstanding the list of ports, there is nothing that _requires_
    service $FOO must be on port $BAR, or that port $BAZ must be service
    $QUX. A lot of people "hide" their SSH server on some port _other_than_
    port 22/tcp, just to avoid the 'bots and skript kizziez. The people
    who are desired to be able to connect know the "non-standard" port
    where the daemon is hidden, and can connect by supplying the number as
    a colon addition to the address. (Some call this "Security By Obscurity"
    and claim that it's useless. If there are standard authentication
    requirements you have to meet even after you find the d4mn server, it
    really an additional _layer_ of security.) The use of port 444 by the
    LUG is a perfect example of this non-standard use of ports.

    Old guy

  20. Re: Broadband Security

    Moe Trin wrote:
    >>> That's a "local" addition by the rpm package creator. The source tarball
    >>> has the anacrontab manpage, but no actual crontab or anacrontab file.

    >> Then that must be one of the things added by Mandriva.

    >
    > Hopefully, it's also documented as the way to do things. All to many
    > popular distributions create these non-standard solutions (with each
    > distribution doing it differently), set them up with what they consider
    > to be standard jobs, and leave it at that.


    My only significant Linux experience is with Mandrake/Mandriva, so by
    default their way of doing things seems to me to be either the
    "standard" way, or a deliberate improvement. I'm sure there are
    numerous features in Mandr* that are either nonstandard or better in
    another distro, but I wouldn't (yet) know what they are.

    >> Port 444 outbound was being
    >> blocked because my DSL router was set to allow only the standard ports,

    >
    > "standard ports" meaning


    Well, my DSL router's idea of "standard" outgoing ports is:

    pass to port 80 >> done
    pass to port 20 >> done
    pass to port 21 >> done
    pass to port 23 >> done
    pass to port 110 >> done
    pass to port 119 >> done
    pass to port 143 >> done
    pass to port 220 >> done
    pass to port 25 >> done
    pass to port 443 >> done
    pass to port 500 >> done

    so /by their definition/, port 444 outgoing is nonstandard.

    > The people
    > who are desired to be able to connect know the "non-standard" port
    > where the daemon is hidden, and can connect by supplying the number as
    > a colon addition to the address. (Some call this "Security By Obscurity"
    > and claim that it's useless. If there are standard authentication
    > requirements you have to meet even after you find the d4mn server, it
    > really an additional _layer_ of security.) The use of port 444 by the
    > LUG is a perfect example of this non-standard use of ports.


    Okay, I was wondering why they'd use some other port. I can now access
    the LUG mailing list archives. I get a few "security certificate is
    outdated" popups, but I know /those/ aren't my doing.

    Adam

+ Reply to Thread
Page 6 of 7 FirstFirst ... 4 5 6 7 LastLast