On Mon, 24 Dec 2001, Devon Ryan wrote:

> Martin Radvany wrote:
>
> > I have a Linux box running Red Hat 7.0 as a firewall. I
> > used a scanner at www.hackerwacker.com to scan the
> > machine. All TCP ports were closed, as expected, but
> > many UDP ports were open and listed as "danger
> > items," ripe for hacker exploits.
> >
> > I can not seem to find any information on how to
> > disable these ports.
>
If you're using ipchains or iptables, just block the UDP ports with -j REJECT at the end of the rule... but you may need to leave some UDP ports open... try this, for example (eth0 is the external Internet interface):

for ipchains:

    ### LET UDP PORT 53 OPEN ###
    ipchains -A input -i eth0 -p udp -s 0/0 -d 0/0 53 -j ACCEPT
    ### SHUT DOWN ALL OTHER PORTS FROM 1-65535 BUT NOT 53 ###
    ipchains -A input -i eth0 -p udp -s 0/0 -j REJECT

for iptables:

    ### LET UDP PORT 53 OPEN ###
    iptables -A INPUT -i eth0 -p udp -s 0/0 -d 0/0 --dport 53 -j ACCEPT
    ### SHUT DOWN ALL OTHER PORTS FROM 1-65535 BUT NOT 53 ###
    iptables -A INPUT -i eth0 -p udp -s 0/0 -d 0/0 -j REJECT
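An added example (mine, not Devon's ruleset or anything else from the thread): a POSIX sh script that prints the iptables form of this policy for any list of allowed UDP ports, adding stateful replies and a LOG rule, and checks an `iptables -L INPUT -n` listing for a catch-all UDP ACCEPT or an ACCEPT added after the REJECT, where it never fires. It assumes a 2.4 kernel with connection tracking for -m state; the listings and the UDP-REJECT log prefix are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. udp_rules prints the iptables version of
# the policy above for any list of allowed ports (pipe it to sh to apply);
# udp_policy_ok reads an `iptables -L INPUT -n` listing and fails if a UDP
# ACCEPT is unrestricted or sits after the catch-all REJECT, where it is dead.
# Assumes a 2.4 kernel with connection tracking (for -m state); the listings
# below and the UDP-REJECT log prefix are constructed.

# udp_rules IFACE PORT...   -- print the rules, in order
udp_rules() {
    iface="$1"; shift
    # replies to the firewall's own UDP queries (DNS lookups) come back via conntrack
    echo "iptables -A INPUT -i $iface -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in "$@"; do    # iptables takes --dport; "-d 0/0 53" is ipchains syntax
        echo "iptables -A INPUT -i $iface -p udp --dport $port -j ACCEPT"
    done
    # log refused probes (rate-limited) so a scan shows in syslog, then reject
    echo "iptables -A INPUT -i $iface -p udp -m limit --limit 5/min -j LOG --log-prefix 'UDP-REJECT: '"
    echo "iptables -A INPUT -i $iface -p udp -j REJECT --reject-with icmp-port-unreachable"
}

# udp_policy_ok < listing   -- exit 0 if the UDP rules in the INPUT chain are sound
udp_policy_ok() {
    awk '
        $2 != "udp" { next }                                 # non-UDP rules, headers
        $1 == "ACCEPT" && !/dpt:/ && !/state/ { open = 1 }   # catch-all ACCEPT: hole
        $1 == "ACCEPT" && rejected { dead = 1 }              # after REJECT: never fires
        ($1 == "REJECT" || $1 == "DROP") && !/dpt:/ { rejected = 1 }
        END { if (rejected && !open && !dead) exit 0; exit 1 }
    '
}

# Constructed listing as `iptables -L INPUT -n` shows it after "udp_rules eth0 53 | sh"
GOOD_LISTING='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 5/min burst 5 LOG flags 0 level 4 prefix "UDP-REJECT: "
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable'

# Constructed listing where the port 53 ACCEPT was appended after the REJECT
BAD_LISTING='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53'
```

`udp_rules eth0 53 | sh` applies the rules as root; `iptables -L INPUT -n | udp_policy_ok` afterwards should exit 0, and the UDP-REJECT lines in syslog show which ports the scanner is probing.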