On Saturday 02 Oct 2004 21:55, Ian bell wrote:
I have recently received probes on port 33270 (trinity v3) reported by my firewall Firestarter, from various URLs, which is apparently the trinity v3 DDOS trojan which is specific to linux boxes and was found in the wild back in 2000. Shields up reports the port is closed so presumably I am safe but as I have not forwrded this port to null space my system responds that the port is present.
Is this common? Do I need to do anything about it? Are there others I should know about/do something about?
Ian
You should be dropping the packets (ie not responding at all) for any ports you don't want to communicate on. Keeping a low profile doesn't help you evade other humans intent on harm, but it helps you evade bot-nets and the like.
Matt