Re: Starting iptables
On 10/19/2006 06:40 AM, L.V.Gandhi wrote:
On 10/19/06, Mumia W.. <firstname.lastname@example.org> wrote:
On 10/19/2006 12:39 AM, cothrige wrote:
> * John Hasler (email@example.com) wrote:
>> The name is misleading. Ipmasq configures both NAT and
>> default configuration is suitable for most, but you can tweak the
>> to do whatever you need.
>> However, it is not clear that you need a firewall at all. If you have
>> the one machine, just don't open any ports.
> I guess I have never really thought about it that way. I have just
> assumed that I was better off for having something like a firewall in
> place on any computer connected to the internet. And I have opened no
> ports intentionally, but now I am wondering just how to find out what
> ports are open and how they got that way? Any recommendations?
This site, http://www.grc.com , has a service called Shields-Up that
will help you find out what, if any, ports are open on your computer.
Also, "netstat -putl" will let you find out what listening ports are
In my machine, following is the output. Can you explain the significance
of [the] columns? How to interpret it?
root@lvghomepc:~# netstat -putl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:mysql *:*
tcp 0 0 *:34637 *:*
tcp 0 0 *:sunrpc *:*
tcp 0 0 *:auth *:*
tcp 0 0 localhost.localdom:smtp *:*
tcp6 0 0 *:ssh *:*
udp 0 0 *:32769
udp 0 0 *:899
udp 0 0 *:bootpc
udp 0 0 *:sunrpc
(Re-directed to the list.)
Read "man netstat" to get the documentation on netstat. Reveal the port
numbers using "netstat -putln"
You should go to http://www.grc.com/ and use the Shields-Up service.
There they talk about the port numbers and their meanings.
On your machine, mysql is listening on tcp port 3306. RPC (Remote
Procedure Call) is listening on tcp port 34637 and udp ports 32769, 899
and 111. Sshd is listening on tcp port 22, and exim4 is listening on tcp
Take a look at the GRC site.
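
Added example, not part of the original thread: a short Python script that reads numeric "netstat -putln" output and separates sockets bound to a loopback address (like the mysql and smtp listeners above) from those bound to all interfaces (like sunrpc and ssh). The sample lines, PIDs and program names are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the numeric format "netstat -putln" prints; the PIDs and
# program names are made up for illustration, not taken from the thread.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2101/mysqld
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1804/portmap
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2250/exim4
tcp6       0      0 :::22                   :::*                    LISTEN      2310/sshd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1950/dhclient
"""

def scope(host):
    """Classify the bind address: who can reach this socket?"""
    if host == "*":                      # non-numeric netstat prints * for "any"
        return "all-interfaces"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:                   # a hostname: rerun netstat with -n
        return "unresolved"
    if addr.is_loopback:
        return "loopback-only"
    if addr.is_unspecified:              # 0.0.0.0 or ::
        return "all-interfaces"
    return "single-address"

def parse_listeners(text):
    """Return one dict per tcp/udp socket line, skipping the header lines."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue
        host, _, port = f[3].rpartition(":")   # rpartition copes with :::22
        # UDP rows have an empty State column, so the program is the last field.
        program = f[-1].partition("/")[2] if "/" in f[-1] else "-"
        rows.append({"proto": f[0], "program": program, "scope": scope(host),
                     "port": int(port) if port.isdigit() else port})
    return rows

def exposed(rows):
    """Sockets reachable from other machines unless a firewall blocks them."""
    return [r for r in rows if r["scope"] != "loopback-only"]

if __name__ == "__main__":
    for r in exposed(parse_listeners(SAMPLE)):
        print(f'{r["proto"]:5} {r["port"]:>5} {r["program"]:10} {r["scope"]}')
```

To check a real machine, pass the text of "netstat -putln" (run as root so the program column is filled in) to parse_listeners() in place of SAMPLE.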