On Thu, Oct 23, 2008 at 11:13:24AM +0200, Guido Bolognesi [Zen] wrote:
> On Thu, Oct 23, 2008 at 10:18 AM, Sythos <sythos@xxxxxxxxxx> wrote:
> > aver aperto la porta sul server ma non sul router, potrebbe spiegare il
> > connection refused (infatti non da auth failed)...
> ho letto una parola si` e una no, ma e` la prima volta che parli di
> connection refused.
> Quello te l'avrebbe detto anche telnet.
In realta non credo che sia cosi semplice, anche se (again) un dump del
traffico potrebb esserci utile
Io credo che il problema possa essere riconduciile al "Evil Bit"
Firewalls [CBR03], packet filters, intrusion detection systems, and
the like often have difficulty distinguishing between packets that
have malicious intent and those that are merely unusual. The problem
is that making such determinations is hard. To solve this problem,
we define a security flag, known as the "evil" bit, in the IPv4
[RFC791] header. Benign packets have this bit set to 0; those that
are used for an attack will have the bit set to 1.
Suggerisco a Sythos, prima di procedere, una attenta lettura dell RFC
3514 ( http://tools.ietf.org/html/rfc3514 ) e poi postarci ulteriori dati
Saluti
Andy
|