Re: Ports to block?
The first thing I do, right off, is block all ports >1024 coming in, then get a
list of what's running, and block everything else except those services I want to

Brandon High wrote:
> Does anyone have a recommendation of ports that should be blocked (via
> ipchains/netfilter/etc) to make a system more secure?
> In light of the recent security holes, I did a netstat -an, then lsof -i for
> all ports that were listening and/or UDP. I put a filter in the way of
> everything that I didn't want externally visible, but UDP port 1028 shows
> nothing listening in lsof. I blocked it out of principle, but does anyone know
> what it might be?
> Brandon High firstname.lastname@example.org
> We are Homer of Borg. Resistance is ... Ooo! Donuts!
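
An added example, not part of either message in this thread: one way to script the cross-check the quoted question describes, matching `netstat -an` against `lsof -i -n -P` and flagging sockets that have no owning process, as with UDP 1028. The sample outputs, the `WANTED` allowlist and the function names are constructed for illustration; only IPv4 `tcp`/`udp` lines are handled.

```python
import re
# Constructed sample output of `netstat -an` (not from the original post).
NETSTAT = """\
Proto Recv-Q Send-Q Local Address      Foreign Address     State
tcp        0      0 0.0.0.0:22         0.0.0.0:*           LISTEN
tcp        0      0 127.0.0.1:631      0.0.0.0:*           LISTEN
tcp        0      0 192.0.2.10:22      198.51.100.7:51514  ESTABLISHED
udp        0      0 0.0.0.0:111        0.0.0.0:*
udp        0      0 0.0.0.0:1028       0.0.0.0:*
"""
# Constructed sample output of `lsof -i -n -P` (numeric hosts and ports).
LSOF = """\
COMMAND PID USER   FD  TYPE DEVICE SIZE NODE NAME
sshd    412 root   3u  IPv4    601      TCP  *:22 (LISTEN)
sshd    498 root   4u  IPv4    733      TCP  192.0.2.10:22->198.51.100.7:51514 (ESTABLISHED)
cupsd   470 root   0u  IPv4    702      TCP  127.0.0.1:631 (LISTEN)
portmap 390 daemon 3u  IPv4    570      UDP  *:111
"""
WANTED = {("tcp", 22)}  # hypothetical allowlist: services meant to be reachable

def open_sockets(netstat_text):
    """Return {(proto, port): local_ip} for TCP listeners and unconnected UDP."""
    found = {}
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue
        if f[-1] != ("LISTEN" if f[0] == "tcp" else "0.0.0.0:*"):
            continue  # skip established TCP and connected UDP
        ip, port = f[3].rsplit(":", 1)
        found[(f[0], int(port))] = ip
    return found

def owners(lsof_text):
    """Return {(proto, port): command}; lines with a peer ("->") do not match."""
    pat = re.compile(r"^(\S+)\s.*\s(TCP|UDP)\s+\S+:(\d+)(?: \(LISTEN\))?$")
    return {(m.group(2).lower(), int(m.group(3))): m.group(1)
            for m in map(pat.match, lsof_text.splitlines()) if m}

def audit(netstat_text, lsof_text, wanted):
    """Map each externally reachable socket to allow / block / block-unowned."""
    own, report = owners(lsof_text), {}
    for key, ip in open_sockets(netstat_text).items():
        if ip.startswith("127."):
            continue  # loopback only, not externally visible
        if key not in own:
            report[key] = "block-unowned"  # nothing in lsof, as with UDP 1028
        else:
            report[key] = "allow" if key in wanted else "block"
    return report
```

Run `lsof` as root when collecting real input; without it, sockets owned by other users do not appear and would be reported as unowned.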