On Monday 06 April 2009 12:44:42 Kwan Lowe wrote:
On Mon, Apr 6, 2009 at 3:15 AM, Anne Wilson cannewilson@googlemail.com
wrote:
I've had umpteen IPs knocking on this door yesterday. The router blocked them, so it's not a problem, but why that port?
It is related to Conflicker virus.
I see. I normally have all ports closed and external checkers show the network as stealthed, but I had temporarily opened the IMAP port, which presumably drew the attention of the knockers. It's closed again now, but I will need to open in when I go on holiday as I collect mail from my server.
I open the IMAP inward port - I don't think I needed the outward one when I used this before - and I have fail2ban on the server, which stops repeated attempts at guessing the password. As far as I can see it has fully controlled the situation up to now. I'm just hoping that I have enough control in place.
Thanks to all who answered.
Anne