i hate hackers!!

My nephew came over and got on my computer (Windoze box NATed behind a Linux firewall) and started playing a network game (gunbound, I think).

I'm guessing, but I think some jerkoff hacker used the outgoing connection to somehow do a port scan on the windoze box. It has a non-routable 10. address. So how is this guy doing this and how do I stop it?

For my firewall I'm using iptables. So lines written in iptables to stop this would be appreciated.

Bing

bing1351

Forget portscans.

Yours, VB.

Volker Birk

You can't stop portscans. You can only make sure your "system" isn't vulnerable to attack, if/when open ports are identified.

-Frank

Frankster

Non-routable, indeed.

First, index host IPs and MACs on the local network. Identify the ethernet and IP source of the offending traffic. Identify hosts and interfaces that the offending traffic is traversing.

Examine the possible vectors permitting such traffic.

1) UPnP.
2) Port forwarding.
3) Dynamic NAT rule permitting response traffic.
4) Default-to-accept NAT operation.
5) Local traffic.

Dom

One more option: "Hacker" uses strict or loose source routing options set in the IP header from the Internet. Most ISPs don't watch this very carefully, i.e. "to get to 10.4.4.4 use MyPublicIP".

thefifth

That would fall under vector 4.

Dom
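
One way to check a Linux iptables gateway for vectors 1, 2 and 4 from the list in the thread, plus the source-routing option raised afterwards. This is an added example, not code from any poster. The interface names, addresses, port and sample `iptables-save`/sysctl values are constructed; `MINIUPNPD` is the chain name the miniupnpd daemon creates.

```python
import re

# Constructed sample: `iptables-save` output from a hypothetical NAT gateway
# (eth0 = Internet side, eth1 = 10.x LAN). Not taken from the thread.
SAMPLE_RULESET = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:MINIUPNPD - [0:0]
-A PREROUTING -i eth0 -j MINIUPNPD
-A PREROUTING -i eth0 -p udp -m udp --dport 40000 -j DNAT --to-destination 10.0.0.5:40000
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
"""
# Constructed sysctl values, as `sysctl -a` would report them.
SAMPLE_SYSCTLS = {"net.ipv4.conf.all.accept_source_route": 1,
                  "net.ipv4.conf.eth0.accept_source_route": 1}

def audit(ruleset, sysctls):
    """Return (vector, detail) findings keyed to the vectors in the thread."""
    findings, table = [], None
    for line in map(str.strip, ruleset.splitlines()):
        if line.startswith("*"):
            table = line[1:]                       # start of a table section
        elif table == "nat" and line.startswith(":MINIUPNPD "):
            findings.append(("1 UPnP", "miniupnpd chain present"))
        elif table == "nat" and re.search(r"-j DNAT\b", line):
            findings.append(("2 port forwarding", line))
        elif table == "filter" and re.match(r":FORWARD ACCEPT\b", line):
            findings.append(("4 default-to-accept", "FORWARD policy is ACCEPT"))
    # Source-routed packets are accepted on an interface only when both the
    # "all" key and that interface's own key are set to 1.
    prefix, suffix = "net.ipv4.conf.", ".accept_source_route"
    if sysctls.get(prefix + "all" + suffix) == 1:
        for key, value in sorted(sysctls.items()):
            iface = key[len(prefix):-len(suffix)]
            if (key.startswith(prefix) and key.endswith(suffix)
                    and iface not in ("all", "default") and value == 1):
                findings.append(("source routing", iface))
    return findings
```

On a gateway that forwards only reply traffic (FORWARD policy DROP with a conntrack `RELATED,ESTABLISHED` accept rule, no DNAT rules, and `accept_source_route` set to 0), `audit` returns an empty list.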
