Hi folks,
Suppose I trust ultimately in my 192.168.1.x users.
To the outside world the only service 'nmap' shows opened is tcp port 22 -> ssh.
So, if 'ssh' has some security bug, people can use this bug to explore my system. That
I know is true.
Now, what I'd like to know...
Is there any way of getting some exploit in a CLOSED port? Some kernel, ipchains or
other bug that allows someone to explore closed ports?
What about ports that are opened to 192.168.1.x but are REJECTed by ipchains to the
internet. Are they explorable by internet?
If the port is CLOSED, then it's safe?
Thanks in advance,
Pedro
---
My ipchains rules are:
Chain input (policy REJECT):
target  prot  opt     source          destination  ports
ACCEPT  all   ------  127.0.0.1       0.0.0.0/0    n/a
ACCEPT  icmp  ------  0.0.0.0/0       0.0.0.0/0    * -> *
ACCEPT  tcp   ------  192.168.1.0/24  0.0.0.0/0    * -> *
ACCEPT  udp   ------  192.168.1.0/24  0.0.0.0/0    * -> *
ACCEPT  tcp   -y--l-  0.0.0.0/0       0.0.0.0/0    * -> 22
ACCEPT  udp   ----l-  0.0.0.0/0       0.0.0.0/0    * -> 1024:65535
ACCEPT  tcp   !y----  0.0.0.0/0       0.0.0.0/0    * -> 1024:65535
REJECT  all   ----l-  0.0.0.0/0       0.0.0.0/0    n/a
Chain forward (policy MASQ):
Chain output (policy ACCEPT):
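Added example, not part of the original message: a small first-match model of the input chain listed above, useful for auditing which packets from outside 192.168.1.0/24 the filter lets through to the host. The `verdict` function, the sample packets and the address 203.0.113.9 are constructed for illustration. It assumes the listing is complete as shown; `ipchains -L` without `-v` does not display interface matches, so none are modelled.

```python
import ipaddress

# Input chain transcribed from the listing in the message, in order.
# Fields: target, protocol, SYN test, source network, destination port range.
# SYN test: True = "-y" (SYN set, ACK and FIN clear), False = "!y", None = untested.
RULES = [
    ("ACCEPT", "all",  None,  "127.0.0.1/32",   None),
    ("ACCEPT", "icmp", None,  "0.0.0.0/0",      None),
    ("ACCEPT", "tcp",  None,  "192.168.1.0/24", None),
    ("ACCEPT", "udp",  None,  "192.168.1.0/24", None),
    ("ACCEPT", "tcp",  True,  "0.0.0.0/0",      (22, 22)),
    ("ACCEPT", "udp",  None,  "0.0.0.0/0",      (1024, 65535)),
    ("ACCEPT", "tcp",  False, "0.0.0.0/0",      (1024, 65535)),
    ("REJECT", "all",  None,  "0.0.0.0/0",      None),
]
POLICY = "REJECT"  # chain policy, applied when no rule matches


def verdict(proto, src, dport=None, flags=()):
    """Return the target of the first matching rule (ipchains is first-match)."""
    is_syn = "SYN" in flags and "ACK" not in flags and "FIN" not in flags
    addr = ipaddress.ip_address(src)
    for target, rproto, syn, source, ports in RULES:
        if rproto not in ("all", proto):
            continue
        if addr not in ipaddress.ip_network(source):
            continue
        if ports and (dport is None or not ports[0] <= dport <= ports[1]):
            continue
        if syn is not None and syn != is_syn:
            continue
        return target
    return POLICY


# Constructed sample packets; 203.0.113.9 stands in for an Internet host.
SAMPLES = [
    ("tcp",  "203.0.113.9",  22,   ("SYN",)),  # new connection to ssh
    ("tcp",  "203.0.113.9",  6000, ("SYN",)),  # new connection to a high port
    ("tcp",  "203.0.113.9",  6000, ("ACK",)),  # non-SYN segment to a high port
    ("udp",  "203.0.113.9",  2049, ()),        # UDP to a high port
    ("udp",  "203.0.113.9",  111,  ()),        # UDP to a low port
    ("tcp",  "192.168.1.50", 6000, ("SYN",)),  # LAN host, same high port
    ("icmp", "203.0.113.9",  None, ()),
]

if __name__ == "__main__":
    for proto, src, dport, flags in SAMPLES:
        print(f"{proto:4} {src:13} dport={dport!s:5} {'/'.join(flags) or '-':7}"
              f" -> {verdict(proto, src, dport, flags)}")
```

Packets the model reports as ACCEPT reach the kernel and whatever is listening on that port, so those rules are the ones to review first when judging exposure to the Internet.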