Hi falko. sorry for delay i was busy. So server is on DSL, output of netstat -tap is:
Quote:
tcp 0 0 localhost:807 *:* LISTEN 3599/famd
tcp 0 0 *:57447 *:* LISTEN 2572/rpc.statd
tcp 0 0 localhost:10024 *:* LISTEN 2804/amavisd (maste
tcp 0 0 localhost:10025 *:* LISTEN 3553/master
tcp 0 0 *:mysql *:* LISTEN 2864/mysqld
tcp 0 0 localhost:spamd *:* LISTEN 2926/spamd.pid
tcp 0 0 *:sunrpc *:* LISTEN 2561/portmap
tcp 0 0 *:ftp *:* LISTEN 10696/pure-ftpd (SE
tcp 0 0 server.electroho:domain *:* LISTEN 3478/mydns
tcp 0 0 localhost:domain *:* LISTEN 3478/mydns
tcp 0 0 *:smtp *:* LISTEN 3553/master
tcp 0 0 localhost:40155 localhost:mysql SPOJENO 24105/smtp
tcp 0 0 localhost:mysql localhost:40155 SPOJENO 2864/mysqld
tcp6 0 0 [::]:imaps [::]:* LISTEN 3455/couriertcpd
tcp6 0 0 [::] op3s [::]:* LISTEN 3473/couriertcpd
tcp6 0 0 [::]op3 [::]:* LISTEN 3461/couriertcpd
tcp6 0 0 [::]:imap2 [::]:* LISTEN 3443/couriertcpd
tcp6 0 0 [::]:http-alt [::]:* LISTEN 10689/apache2
tcp6 0 0 [::]:www [::]:* LISTEN 10689/apache2
tcp6 0 0 [::]:tproxy [::]:* LISTEN 10689/apache2
tcp6 0 0 [::]:ftp [::]:* LISTEN 10696/pure-ftpd (SE
tcp6 0 0 localhost:domain [::]:* LISTEN 3478/mydns
tcp6 0 0 [::]:https [::]:* LISTEN 10689/apache2
tcp6 0 0 server.electrohost.:www 218.211.broadband:20810 TIME_WAIT -
tcp6 0 0 server.electrohost.:www 89.37.broadband4.:16109 FIN_WAIT2 23412/apache2
tcp6 0 0 server.electrohost.:www 218.211.broadband:20815 TIME_WAIT -
tcp6 0 0 server.electrohost.:www 218.211.broadband:20820 SPOJENO 24000/apache2
|
and iptables:
Quote:
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP tcp -- anywhere loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (14 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:tproxy
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
|
Thanks for help to all.