I've noticed something weird... on my Linux box (which is a router amongst
other things), if I block a port on the INPUT chain, it ends up being
blocked on the forward chain too.
For example, for the majority of users this box is supposed to be a simple
gateway. So if I make the default input policy DENY I find that it stops
forwarding packets completely.
Yes, I am blocking the input chain specifically, not the forward chain.
-Ahsan
> Go ahead and block.
>
> Port 111 is the Sun Remote Procedure Call and unless you are wanting to
> offer such services to other Sun systems, then block it out.
>
> Use REJECT rather than DENY - it tells the Sun system to forget it.
> You will get log entries if you use the -l option but they make interesting
> reading.
>
> Unrelated but for security purposes, block 113 and 137.
> Look at /etc/services. (grep 113 /etc/services)
>
> If you DON'T want people to telnet in, block 23 - but you probably
> know that already.