Hi folks,

Suppose I trust ultimately in my 192.168.1.x users. To the outside world the only service 'nmap' shows opened is tcp port 22 -> ssh. So, if 'ssh' has some security bug, people can use this bug to explore my system. That I know is true.

Now, what I'd like to know... Is there any way of getting some exploit in a CLOSED port? Some kernel, ipchains or other bug that allows someone to explore closed ports? What about ports that are opened to 192.168.1.x but are REJECTed by ipchains to the internet? Are they explorable by internet? If the port is CLOSED, then it's safe?

Thanks in advance,
Pedro

---
My ipchains rules are:

Chain input (policy REJECT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  127.0.0.1             0.0.0.0/0             n/a
ACCEPT     icmp ------  0.0.0.0/0             0.0.0.0/0             * ->   *
ACCEPT     tcp  ------  192.168.1.0/24        0.0.0.0/0             * ->   *
ACCEPT     udp  ------  192.168.1.0/24        0.0.0.0/0             * ->   *
ACCEPT     tcp  -y--l-  0.0.0.0/0             0.0.0.0/0             * ->   22
ACCEPT     udp  ----l-  0.0.0.0/0             0.0.0.0/0             * ->   1024:65535
ACCEPT     tcp  !y----  0.0.0.0/0             0.0.0.0/0             * ->   1024:65535
REJECT     all  ----l-  0.0.0.0/0             0.0.0.0/0             n/a
Chain forward (policy MASQ):
Chain output (policy ACCEPT):
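An added example, not part of the original post: the input chain above modelled as a first-match table, so each rule can be checked against sample packets to see what it lets in from outside 192.168.1.0/24. Assumptions: rules are evaluated top to bottom with the first match deciding, "-y" matches TCP packets with SYN set and ACK and FIN clear ("!y" is the inverse), interfaces are not modelled because the listing does not show them, and 203.0.113.7 is a constructed outside address.

```python
import ipaddress
from collections import namedtuple

# syn: True = "-y" (SYN-only), False = "!y" (not SYN-only), None = flags not tested
Rule = namedtuple("Rule", "target proto syn src dports")
ANY = "0.0.0.0/0"
INPUT_CHAIN = [  # transcribed from the listing in the post, same order
    Rule("ACCEPT", "all",  None,  "127.0.0.1/32",   None),
    Rule("ACCEPT", "icmp", None,  ANY,              None),
    Rule("ACCEPT", "tcp",  None,  "192.168.1.0/24", None),
    Rule("ACCEPT", "udp",  None,  "192.168.1.0/24", None),
    Rule("ACCEPT", "tcp",  True,  ANY,              (22, 22)),
    Rule("ACCEPT", "udp",  None,  ANY,              (1024, 65535)),
    Rule("ACCEPT", "tcp",  False, ANY,              (1024, 65535)),
    Rule("REJECT", "all",  None,  ANY,              None),
]
POLICY = "REJECT"

def verdict(proto, src, dport=None, flags=()):
    """Return (target, rule_number); rule_number 0 means the chain policy applied."""
    flags = set(flags)
    syn_only = "SYN" in flags and not ({"ACK", "FIN"} & flags)
    for n, r in enumerate(INPUT_CHAIN, 1):
        if r.proto not in ("all", proto):
            continue
        if ipaddress.ip_address(src) not in ipaddress.ip_network(r.src):
            continue
        if r.dports and not (dport is not None and r.dports[0] <= dport <= r.dports[1]):
            continue
        if r.syn is not None and r.syn != syn_only:
            continue
        return r.target, n
    return POLICY, 0

# Constructed sample packets: (label, proto, source, dest port, TCP flags)
SAMPLES = [
    ("outside SYN to ssh",          "tcp", "203.0.113.7",  22,   ["SYN"]),
    ("outside SYN to port 80",      "tcp", "203.0.113.7",  80,   ["SYN"]),
    ("outside SYN to port 6000",    "tcp", "203.0.113.7",  6000, ["SYN"]),
    ("outside bare ACK to 6000",    "tcp", "203.0.113.7",  6000, ["ACK"]),
    ("outside UDP to port 2049",    "udp", "203.0.113.7",  2049, []),
    ("outside UDP to port 111",     "udp", "203.0.113.7",  111,  []),
    ("LAN SYN to port 80",          "tcp", "192.168.1.20", 80,   ["SYN"]),
]

if __name__ == "__main__":
    for label, proto, src, dport, flags in SAMPLES:
        target, n = verdict(proto, src, dport, flags)
        print(f"{label:28s} -> {target} (rule {n})")
```

Connection attempts from outside to anything but port 22 fall through to the final REJECT, while any UDP datagram and any non-SYN TCP segment addressed to ports 1024 and above is accepted by rules 6 and 7 regardless of source.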