Dante,

#Does this mean that my network is vulnerable to attack? If it's vulnerable,
#how can I prevent it?
#I'm using only ipchains on Linux.


What the scan discovered is open ports on the firewall.  Now that you know
there are open ports on this firewall you need to ask yourself two
questions.

1.  What kind of traffic is allowed through this port?

For example:  There is a listen on port 21 TCP for your firewall.  This
means that either the firewall is running an FTP server or you have an FTP
server on a DMZ or the internal network.  Let's say the FTP server is on
your internal network.  There is an access rule on the firewall for what
traffic can use port 21.  You may be allowing all source addresses to FTP
to your FTP server's IP address.  This means that any traffic on TCP port
21 destined for your FTP server will be allowed through the firewall.  This
is a hole in your firewall that could possibly be used to attack your
internal network.  Now you need to ask yourself the second question.

2.  How vulnerable is my FTP server?

You need to review the security of the OS your FTP server is running on and
you need to review the security of the FTP server software.

You will have to do this for every open port on the firewall.

1.  Review the firewall rules and determine what kind of traffic is allowed
to which hosts on your internal network.
2.  Review the security of each host, especially the services listening
on ports your firewall allows internet connections to.

If you keep abreast of the latest patches and hacks for your OSs and server
software then you will greatly decrease the chances that someone will even
attempt to hack your network, much less succeed.  Realistically, your network
is vulnerable just because it is connected to the Internet.

Regards,
Jeffery Gieser
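
One way to start the rule review described in the message, as an added example that is not part of the original message: it reads rules written as `ipchains -A ...` commands and lists every ACCEPT rule open to any source, which gives the hosts and ports to audit. The rule lines and addresses are constructed samples; rules using negated (`!`) matches are rejected so they get reviewed by hand.

```python
import shlex

# Constructed sample rules in ipchains command syntax (not from the original message).
SAMPLE_RULES = """\
ipchains -A input -p tcp -s 0.0.0.0/0 -d 192.168.1.10 21 -j ACCEPT
ipchains -A input -p tcp -s 10.1.2.0/24 -d 192.168.1.20 22 -j ACCEPT
ipchains -A input -p tcp -s 0/0 -d 192.168.1.30 80 -j ACCEPT
ipchains -A input -p udp -s 0/0 -d 0/0 53 -j DENY
"""

ANY_SOURCE = {"0/0", "0.0.0.0/0"}
OPTIONS = {"-A": "chain", "-p": "proto", "-s": "src", "-d": "dst", "-j": "target"}


def parse_rule(line):
    """Parse one 'ipchains -A ...' command into a dict; None if it is not an append."""
    tokens = shlex.split(line, comments=True)
    if "-A" not in tokens:
        return None
    if "!" in tokens:
        raise ValueError("negated match, review by hand: " + line)
    # Defaults mirror an unspecified match: any protocol, any address, any port.
    rule = {"chain": None, "proto": "all", "src": "0/0", "dst": "0/0",
            "dport": "any", "target": None}
    for i, tok in enumerate(tokens[:-1]):
        if tok in OPTIONS:
            rule[OPTIONS[tok]] = tokens[i + 1]
            # ipchains takes an optional port (or range) right after the address.
            port = tokens[i + 2] if i + 2 < len(tokens) else "-"
            if tok == "-d" and not port.startswith("-"):
                rule["dport"] = port
    return rule


def world_reachable(rules_text):
    """Return (chain, dst, proto, dport) for each ACCEPT rule open to any source."""
    found = []
    for line in rules_text.splitlines():
        rule = parse_rule(line)
        if rule and rule["target"] == "ACCEPT" and rule["src"] in ANY_SOURCE:
            found.append((rule["chain"], rule["dst"], rule["proto"], rule["dport"]))
    return found


if __name__ == "__main__":
    for chain, dst, proto, dport in world_reachable(SAMPLE_RULES):
        print(f"[{chain}] review host {dst}: {proto} port {dport} open to any source")
```
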
