[CentOS] What's special about port 19842?

Mon Apr 6 16:47:33 UTC 2009
Anne Wilson <cannewilson at googlemail.com>

On Monday 06 April 2009 12:44:42 Kwan Lowe wrote:
> On Mon, Apr 6, 2009 at 3:15 AM, Anne Wilson <cannewilson at googlemail.com> 
wrote:
> > I've had umpteen IPs knocking on this door yesterday.  The router blocked
> > them, so it's not a problem, but why that port?
>
> It is related to Conflicker virus.

I see.  I normally have all ports closed and external checkers show the 
network as stealthed, but I had temporarily opened the IMAP port, which 
presumably drew the attention of the knockers.  It's closed again now, but I 
will need to open in when I go on holiday as I collect mail from my server.

I open the IMAP inward port - I don't think I needed the outward one when I 
used this before - and I have fail2ban on the server, which stops repeated 
attempts at guessing the password.  As far as I can see it has fully 
controlled the situation up to now.  I'm just hoping that I have enough 
control in place.

Thanks to all who answered.

Anne
-- 
New to KDE4? - get help from http://userbase.kde.org
Just found a cool new feature?  Add it to UserBase
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20090406/fd64d4a1/attachment-0005.sig>