[CentOS] Security advice, please

Kai Schaetzl maillists at conactive.com
Tue Dec 23 14:31:18 UTC 2008


Anne Wilson wrote on Tue, 23 Dec 2008 13:06:01 +0000:

> My LAN is behind a Netgear router, which does NAT.  On the CentOS server I 
> have fail2ban running.  This morning my router reported 3 different IPs 
> attempting to send UDP packets to port 38950, 

which is per se nothing to worry about and there's no connection to IMAP that you 
mention in the rest of your mail.

Since each address is only seen 
> 4-5 times, I presume that fail2ban took over after that.

I doubt you have it checking port 38950, do you? And the fail2ban doesn't run on 
your router. So, there is no connection.

> 
> GRC reports

What is that?

> 
> So, two questions really.  First, what should I be looking for on the router, 
> to turn off this 'tracking down' activity?

You may want to ask the GRC developer what he means by that.

> 
> Then, I want to read from my own IMAP server when I'm away from home.  Is 
> there a better way than opening port 143?

You can VPN to your router and then use your LAN like normal.


Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com






More information about the CentOS mailing list