Jeff Graves wrote:
> After having my linux boxes eventually hacked to pieces from neglect, I'm
> reinstalling with RH7.0 and locking the boxes as much as possible. I have 2
> dns servers that I want only to run bind and ssh. How can I can check to see
> what ports are still open?
The netstat(8) command will tell you this. From the manpage:
DESCRIPTION
Netstat prints information about the Linux networking sub
system. The type of information printed is controlled by
the first argument, as follows:
(none)
By default, netstat displays a list of open sockets. If
you don't specify any address families, then the active
sockets of all configured address families will be
printed.
<snip>
Another good idea is to use nmap (http://www.insecure.org/nmap, IIRC) to
scan the boxen for open ports. In fact, do that regularly; you never
know when the kiddies will get you again, and one of the nice things
about using nmap in addition to netstat is that they can't trojan nmap
on a box they haven't 0wn3d.
> I think I closed everything but I want to be
> sure. Also, I installed the rpm for tripwire but the documentation sucks
> (acutally, I couldn't find anything but comments in what I think were config
> files). The website tripwire.org didn't have anything either. Does anyone
> know of any documents that can tell me exactly what the hell it does and how
> the hell to use it? Thanks.
I don't have the RPM file here, but the source distribution comes with
manpages... did you try 'man tripwire'? If the RPM really didn't come
with the manpages for some reason you can get the _real_ distribution here:
http://sourceforge.net/projects/tripwire/
--
~~~Michael Jinks, IB // Technical Entity // Saecos Corporation~~~~
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
