port 80
Hi,
I was watching a video about web development and (I'm not really sure about that) security/firewalling is a joke. If you want to pass data to a remote machine, use the port 80, or another open port. 25... Maybe 53.
So I was asking my self, for a better security. Monitor the traffic of open port of your servers.
oh, basically, if you are paranoiac and I'm not sure and not an expert about that. There should be exist "program" to monitor all the traffic on a computer network.
So as I understand, all virus and crap pass on open port, 80, 25, ... It's open and standard everywhere :(
Maybe I'm to simplistic and packets are discarded automatically by the web server or mail server. I don't know but if I was a pirate, I would use open and standard ports. If you don't monitor the traffic and don't read your log files you can't see it.
Thank you for this tips. iftop is really nice
I was asking myself about port 80 but now every thing on the web is encrypted. If you can pass data bidirectionally between client/server apps, you can't decrypt it. You see high bandwidth usage but you can't tell what it does. You need to check source ip address where data come from.