Monitoring Internet Traffic advice please
Hi, I am using Suse 9.1 but this question could apply to any Distro.
I check my Firewall at www.grc.com using shieldsup, (yes I used to use windows).
Ports 21 (FTP), 23 (telnet),80 (Http, and ports 254,255 are open, the rest are closed ,so even the closed ports are telling the rest of the world of my presence. I could be completely stealthed using WWW,sygate.com free fire wall for windows.
So I feel vulnerable, I have installed Suse Firewall it is configured to protect an internet machine. Is anything untoward going on?
I have used lsof -i to show SunRPC is open on ports 3824 and 3825.
Looking up SunRpc says it is dangerous to have open!!!
So what sort of activity is going on?
With Sygate I could allow /disallow specific programs access and I would get a pop up box asking me if program xxx should be allowed to access the internet.
Is there a similar program I could install on my machine for Linux?
I have several Linux Distro's, Mandrake 10,Debian Sarge,Fedora Core 2, Suse 9.1, Slackware10, Gentoo 2004.1 etc.
It would be reassuring to have control so that I could monitor internet activity without wading through masses of log files.
For all I know at this point in time my machine could be a spam engine!!
Please can you suggest some Apt's /RPMs that I should look at to give me more comfort.
Mad Malc :cry: