Cliff Hayes wrote: > Now I have to deal with the jerks. I started out running with no firewall > (not comfortable with that) and have the typical ssh probes. I didn't want > to try to mess with a firewall and end up blocking something mimedefang > and/or spamassassin was doing. Here is a list of ports I've accumulated. I > have two questions:
> a) Please let me know if I've missed anything. > b) If I do miss something, how will it make itself known? maillog? some > other log? Well, why don't you get a list of listening ports: TCP ports: netstat -a -t -n | grep LISTEN UDP ports: netstat -a -u -n | grep '0 0.0.0.0:' (The UDP line might only work on Linux. It certainly assumes IPv4. :-)) Once you have the list of listening ports, figure out what each one does and whether or not you want it open (and indeed whether anything really should be listening on that port!) If you plan on blocking outbound traffic as well as inbound, you'll need to carefully figure out what you need. TCP/25, UDP/53, TCP/53, UDP/123, come to mind at once. There are probably many others. If you do block traffic, you should log as well. Then keep an eye on your firewall logs to see if you've accidentally blocked something that should have been left open. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
