On Sun, 2004-12-12 at 01:07, Prem Vilas Fortran Rara wrote:
> services. Sysad tells me some UDP ports are still open. What tool did
> he use to scan them? He listed the following:
[snipped]

Let me guess... is this a security audit done by some big corporation to whom you're providing content?

Anyway, chances are, there are really no services running on those UDP ports that you mentioned, but the scanning tool (probably Nessus) used by the one who is doing the security audit is probably set to "paranoid mode" so that if a port does not "reject" a connection, it will be tagged as open.

Anyway, you can use this command to add an iptables filter to block those ports:

    /sbin/iptables -A INPUT -i <interface> -p udp -m udp --dport <portno> \
        -j REJECT --reject-with icmp-port-unreachable

Just replace <interface> (like eth0 or ppp0, etc) with the appropriate interface device name and <portno> with the appropriate port that you need to block (the one in the list you gave).

-- 
Gideon N. Guillen [EMAIL PROTECTED]
Take back the web! Download Firefox Today! http://getfirefox.com
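
The scanner behaviour described in the reply above, as an added example that is not part of the original message: a UDP port that answers with nothing cannot be told apart from an open one, while a port that returns ICMP port-unreachable (what the REJECT rule sends) is reported closed. The function names and the loopback test ports are assumptions constructed for this illustration; the bound-but-silent socket stands in for a port whose probes go unanswered.

```python
import socket

def probe_udp(host, port, timeout=1.0):
    """Classify one UDP port the way a strict scanner does.

    closed        -> ICMP port-unreachable came back (what the REJECT rule sends)
    open          -> a UDP reply came back
    filtered      -> some other ICMP error came back
    open|filtered -> silence; a "paranoid" scanner reports this as open
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))  # connected UDP socket: ICMP errors are reported to us
        s.send(b"\x00")
        s.recv(1024)
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "open|filtered"
    except OSError:
        return "filtered"
    finally:
        s.close()

def demo():
    # Constructed test cases on 127.0.0.1 only; no external host is touched.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))        # bound, but never answers a probe
    silent_port = silent.getsockname()[1]
    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                          # nothing listens here any more
    try:
        return {
            "silent": probe_udp("127.0.0.1", silent_port, 0.5),
            "closed": probe_udp("127.0.0.1", closed_port, 0.5),
        }
    finally:
        silent.close()

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:7s} -> {verdict}")
```

Running `probe_udp` from another machine against each listed port, before and after adding the rule, confirms that the verdict changes from `open|filtered` to `closed`.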