Nick Smith wrote:
I'm going to try and set up a firewall on my home server this weekend, but I'm unsure as to all the ports I have to open in order for my mail server to stay operational. This is a list of what I think I need to make accessible from outside; please let me know if I need to open anything else, and suggestions please. I'm using 1 NIC at the moment with a 2nd installed but not active yet; going to hook the machine straight up to my cable modem and bypass the router for now and run nic2 to the router/switch when I go to set this up.
Here is a list of what I think I need open, and questions next to the ones I'm not sure of.
courier-imap - 143
courier-imap-ssl - 995?
courier-pop3 - 110
courier-pop3-ssl - ?
The above SSL ports are probably alright, but don't open the non-ssl ports, 110 and 143. If you aren't going to use the SSL ports from the outside, then disable those too [I always tunnel via SSH rather than open them up].
postfix - 25
apache - 80
Good.
proftpd - 21
Again, if you actually plan to use this from the outside, go ahead and open it, otherwise don't. Remember that passwords are most often passed in the clear with FTP.
webmin - 10000
DO NOT expose the webmin port. Period.
distcc - 3632
Why?
ssh - 22
Excellent idea.
ntp - ? what port does it update itself?
No good, do not expose this to the internet, period.
clamav - same as above
NFS - ? might try sharing drives across internet, what port?
squid - 8080
tor - ? does it need a port?
privoxy - ?
openldap - ? when I get this running does it use a port?
Do not expose any of these to the internet period. Why would you want any of these available outside your network?
Since I'm not too sure about iptables right now and don't fully understand it, I've been playing with webmin's shorewall 'plugin' and am going to try setting it up with that. It seems newbie friendly.
It is still not newbie friendly. More importantly, if you don't know what you are setting up, it doesn't really matter which firewall you use. Perhaps you should consider reading up on firewalls, which essentially try to hide your services from the rest of the world, rather than make them secure outright.
Also, how do I know if a packet/port is TCP, UDP or ICMP? When I go to set this up I need to know that; is there a way to tell? I'm kinda new at this. First firewall...woo-hoo, never figured I needed one until now :-/
Essentially, IP traffic is ICMP, TCP or UDP. Most that you care about is TCP. ICMP is used for pings and traceroutes mostly [other stuff you aren't likely aware of like resets]. TCP is the most common traffic, used in about everything popular [http, ftp, telnet, ssh, nntp, etc]. UDP is used in broadcast type information such as some types of broadcast video or audio.
thanks for any and all help.
Nick
To get an idea of the services and their types, take a look around in /etc/services.
Tom Veldhouse
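
The /etc/services lookup suggested above can be scripted. The following is an added example, not part of the original thread: it parses the services file format and reports the port and protocol (TCP or UDP) registered for each service name or alias. The sample data is a constructed excerpt, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample in /etc/services format: name port/proto [aliases] [# comment].
# ICMP never appears in this file because ICMP has no port numbers.
SAMPLE_SERVICES = """\
# constructed excerpt, not copied from any particular system
ftp             21/tcp
ssh             22/tcp                          # SSH Remote Login Protocol
smtp            25/tcp          mail
http            80/tcp          www             # WorldWideWeb HTTP
pop3            110/tcp         pop-3
ntp             123/udp                         # Network Time Protocol
imap2           143/tcp         imap
imaps           993/tcp                         # IMAP over SSL
pop3s           995/tcp                         # POP-3 over SSL
nfs             2049/tcp
nfs             2049/udp
distcc          3632/tcp
"""

LINE = re.compile(r"^(\S+)\s+(\d+)/(\w+)\s*(.*)$")

def parse_services(text):
    """Map every service name and alias to a set of (port, protocol) pairs."""
    table = defaultdict(set)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments; blank lines fail the match
        m = LINE.match(line)
        if not m:
            continue
        name, port, proto, aliases = m.groups()
        for key in [name, *aliases.split()]:
            table[key.lower()].add((int(port), proto.lower()))
    return table

def lookup(table, names):
    """Return {name: sorted [(port, proto), ...]}; unknown names map to []."""
    return {n: sorted(table.get(n.lower(), ())) for n in names}

if __name__ == "__main__":
    # Swap SAMPLE_SERVICES for open("/etc/services").read() on a real host.
    table = parse_services(SAMPLE_SERVICES)
    wanted = ["smtp", "imap", "imaps", "pop3s", "nfs", "ntp", "webmin"]
    for name, hits in lookup(table, wanted).items():
        print(name, hits or "not listed (check the daemon's own config)")
```

A name that comes back empty is simply not registered in the file, so the listening port has to be read from that daemon's own configuration instead.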
