blocking unfriendly traffic
If you think some wierd traffic is coming to your server, you can use netstat and ps to find evil programs, ports, and ips. Besides killing processes with the usual kill command you might try adding some rule to iptables while you investigate
netstat -lntpe
ps -auxfw
Drops a port (in this example 3131)
iptables -A INPUT -p tcp --dport 3131 -j DROP
Drops a IP(in this example 25.55.55.55)
iptables -I INPUT -s 25.55.55.55 -j DROP
Posted: February 9th, 2006 under Linux, Firewalls and Security.
Comments: none
Write a comment