securing ports
Is it possible to secure the ports on my Debian machine so that other machines on the internet cannot get through? Is there some way to configure pppd to block packets?
Re: securing ports
Is it possible to secure the ports on my Debian machine so that other machines on the internet cannot get through? Is there some way to configure pppd to block packets? ipchains. Read the IPCHAINS-HOWTO. Or just disable all the services through /etc/inetd.conf (not advised for a couple of ports). Andrew - Andrei S. Ivanov [EMAIL PROTECTED] [EMAIL PROTECTED] http://scorpio.dynodns.net -| http://scorpio.myip.org-| --All the pages bundled together. http://arshes.dyndns.org -| If one does not work, try another :) UIN 12402354 To get my GnuPG public key, go to scorpio.dynodns.net/GnuPG scorpio.myip.org/GnuPG arshes.dyndns.org/GnuPG -
Re: securing ports
Which ports are inadvisable for closing? TIA, John N. At 09:07 PM 3/6/2000 -0600, Andrei Ivanov wrote: ipchains. Read the IPCHAINS-HOWTO. Or just disable all the services through /etc/inetd.conf (not advised for a couple of ports).
Re: securing ports
Which ports are inadvisable for closing? TIA, John N. It depends on what you do on the net. For example, some irc servers (irc.prison.net is one of tehm) require for you to run ident in order to connect to them. Obviously, you wnat to turn off useless ports...discard, daytime, time, finger, etc. Just go into /etc/inetd.conf and comment out services you don't want inetd to listen for. Like telnet.if you want to have outside access into machine, use ssh (port 22). So really you can have all ports closed off, that can be closed with inetd, but you will still need ipchains to secure other ports lke 6000 (X). To see the list of ports open on your machine, netstat or nmap yourself. Andrew - Andrei S. Ivanov [EMAIL PROTECTED] [EMAIL PROTECTED] http://scorpio.dynodns.net -| http://scorpio.myip.org-| --All the pages bundled together. http://arshes.dyndns.org -| If one does not work, try another :) UIN 12402354 To get my GnuPG public key, go to scorpio.dynodns.net/GnuPG scorpio.myip.org/GnuPG arshes.dyndns.org/GnuPG -
Re: securing ports
Which ports are inadvisable for closing? TIA, John N. it depends on what the box does. if it's just a workstation for you then you can probably turn off everything in inetd.conf except ident. ports you might want to look into leaving open, depending on the purpose of the box: ftp ssh ident telnet (don't do it if you can help it, use ssh instead) http https smtp pop3 imap you can find the port numbers for these services by looking them up in /etc/services. adam.