I was curious to see what services were open on the WAN to the CeroWrt
router itself. It looks like the following services are open and not
firewalled via iptables directly:
21 telnet
22 ssh
23 ftp
873 rsync
12865 netserver
The only thing blocking access is the xinetd configuration:
defaults
{
per_source = 16
only_from = 192.168.0.0/16 172.16.0.0/12
instances = 18
max_load = 16
}
Is this a good idea, relying only on this default config to block
access to those services? Or should the iptables firewall default to
blocking everything and only poke holes where they are needed rather
than how it is now--only blocking a list of ports which doesn't
include the above ports?
_______________________________________________
Cerowrt-devel mailing list
[email protected]
https://lists.bufferbloat.net/listinfo/cerowrt-devel
