
#-----------------------------------------------------------------------
# README
#-----------------------------------------------------------------------
#
# When the Trinity v3 DoS Tool is installed, it creates a root-shell
# on port 33270. We specifically block this port here (TCP connects)
# to prevent later services (like FTP passive) from making this port 
# available.
#
# To install, copy this file to /etc/firewall-modules/public/block-high-
# ports/trinity-root-shell. There's no need to execute rc.firewall with 
# the --update-config parameter.
#
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2000-10-15  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Initial module written for v5.0.
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

echo "Deny $INTOPT $NETADDR Trinity v3 Root-Shell <- $ANY (logged)"
ipchains -A $INCHAIN -j DENY -p tcp -y -s $ANY -d $NETADDR 33270 -l

