Re: blocking ports
On 13 Jul 2000, at 9:27, Seth Vidal wrote:
> > 1)
> > I want to block certain services for the outside world (like lpd etc) but NOT for the inside network
> > I thought I could block it with ipchains -A input -p tcp -d xxx.xxx.xxx.xxx 515 -j DENY
> > But if I telnet from an outside host to that port I can still connect
> > Well I think that's because the INPUT policy is ACCEPT (I think changing that to DENY is rather not a good idea)
> > Is there another solution for this?
>
> to block services from the outside world to port 515 you'd probably need
> something like this
> -A input -s 0/0 -d yourip 515 -j DENY
>
> That would clip attempted connections anywhere on any port to you on port
> 515.
>
> As another option I explicitly allow from the network/hosts I want to have
> access to it then deny from everyone else so.
>
> -A input -s mytrustedhosts -d yourip 515 -j ACCEPT
> -A input -s 0/0 -d yourip 515 -j DENY
>
#ipchains -A input -p tcp -s 0/0 -d myip 515 -j DENY
doesn't work
because the policy is ACCEPT (I think)
and changing it to DENY causes problems for ssh, ftp etc.
> > -------------------------------------------
> >
> > 2)
> > #showmount -e localhost
> > mount clntudp_create: RPC: Program not registered
>
> >
> > #less /etc/host.allow :
> > [CUT]
> > portmap: 127.0.0.1
> >
> > #ps -aux |grep rpc
> > root 957 0.0 0.0 1128 0 ? SW May22 0:00 [rpc.rquotad]
> > root 1027 0.0 0.1 1776 180 ? S May22 0:00 /usr/sbin/rpc.nfsd
> > root 1030 0.0 0.0 1776 64 ? S May22 0:00 /usr/sbin/rpc.mountd
> > root 12793 0.0 0.0 0 0 ? SW Jun15 0:00 [rpciod]
> > root 13120 0.0 0.0 1304 0 ? SW Jul09 0:00 [rpc.ugidd]
> >
>
> is portmap running?
> do you have any shares?
>
> do an rpcinfo -p and see what it says.
>
> -sv
>
# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
545580417 1 udp 1000 ugidd
545580417 1 tcp 1002 ugidd
---
Encryption: A powerful algorithmic encoding technique employed in the creation of computer manuals.
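An added illustration of the rule-ordering point in the reply above (this is not code from the thread). ipchains walks a chain top to bottom, the first matching rule decides the packet, and the chain policy is consulted only when nothing matched. So under an ACCEPT policy a DENY rule that never matches (wrong destination address, wrong protocol) is invisible, while a DENY that does match blocks the packet regardless of the policy. The simulator below models exactly that for the two-rule "allow trusted, then deny everyone" chain; the addresses (192.0.2.10 as the firewall host, 192.168.1.0/24 as the trusted network, 203.0.113.5 as an outside client) are constructed for the example.

```python
import ipaddress

# Added example (not from the thread): a first-match simulator of an ipchains
# input chain, to show how rule order and the chain policy interact.
# All addresses below are constructed for illustration.

def net(spec):
    """Parse an ipchains-style address, accepting the '0/0' shorthand."""
    if spec == "0/0":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(spec, strict=False)

def rule(src, dst, dport=None, target="DENY", proto="tcp"):
    """One chain entry, roughly '-p PROTO -s SRC -d DST DPORT -j TARGET'."""
    return {"proto": proto, "src": net(src), "dst": net(dst),
            "dport": dport, "target": target}

def evaluate(chain, policy, proto, src, dst, dport):
    """Walk the chain in order; the first matching rule decides the packet.
    The chain policy is used only when no rule matches at all."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in chain:
        if r["proto"] != proto:
            continue
        if s not in r["src"] or d not in r["dst"]:
            continue
        if r["dport"] is not None and r["dport"] != dport:
            continue
        return r["target"]
    return policy

# Constructed addresses: the firewall host and a trusted inside network.
MYIP = "192.0.2.10"
TRUSTED = "192.168.1.0/24"

# The reply's second suggestion: allow trusted hosts to lpd, then deny the rest.
TRUSTED_FIRST = [
    rule(TRUSTED, MYIP, 515, "ACCEPT"),
    rule("0/0", MYIP, 515, "DENY"),
]
# The same two rules in the wrong order: the DENY now shadows the ACCEPT.
DENY_FIRST = list(reversed(TRUSTED_FIRST))
# A DENY aimed at the wrong destination address never matches, so the chain
# policy (ACCEPT) decides and the rule looks as if it "does nothing".
WRONG_DST = [rule("0/0", "192.0.2.11", 515, "DENY")]

def outside_to_lpd(chain):
    return evaluate(chain, "ACCEPT", "tcp", "203.0.113.5", MYIP, 515)

def trusted_to_lpd(chain):
    return evaluate(chain, "ACCEPT", "tcp", "192.168.1.7", MYIP, 515)

def outside_to_ssh(chain):
    # Port 22 has no rule in any chain, so the policy decides: ssh keeps working.
    return evaluate(chain, "ACCEPT", "tcp", "203.0.113.5", MYIP, 22)

if __name__ == "__main__":
    for name, chain in (("trusted first", TRUSTED_FIRST),
                        ("deny first", DENY_FIRST),
                        ("wrong destination", WRONG_DST)):
        print(f"{name:18} outside->515: {outside_to_lpd(chain):6} "
              f"trusted->515: {trusted_to_lpd(chain):6} "
              f"outside->22: {outside_to_ssh(chain)}")
```

On a real box the equivalent check is `ipchains -L input -n -v`: the per-rule packet counters show whether a DENY rule is matching anything at all, which separates "the policy overrides my rule" from "my rule never matched" without changing the policy and breaking ssh and ftp.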
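For the second question, an added example (not from the thread) that reads `rpcinfo -p` output and reports which of the programs a `showmount -e` needs are missing from the portmapper. The sample text is a constructed copy of the listing in the message; the program numbers 100003 (nfs) and 100005 (mountd) are the standard ONC RPC assignments. With that listing the check reports both as unregistered, which matches the "RPC: Program not registered" error: the rpc.nfsd and rpc.mountd processes exist, but portmap has no record of them. One common cause is that portmap was restarted after the daemons came up (portmap keeps registrations in memory only), in which case the NFS daemons have to be restarted so they register again.

```python
# Added example (not from the thread): parse 'rpcinfo -p' output and check
# whether the programs that showmount/NFS clients look up are registered.
# The sample output is a constructed copy of the listing in the message.

SAMPLE_RPCINFO = """\
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
545580417 1 udp 1000 ugidd
545580417 1 tcp 1002 ugidd
"""

# Standard ONC RPC program numbers a 'showmount -e' / NFS mount resolves
# through the portmapper.
REQUIRED_FOR_NFS = {100005: "mountd", 100003: "nfs"}

def parse_rpcinfo(text):
    """Turn 'rpcinfo -p' output into a list of registration records."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or not parts[0].isdigit():
            continue  # header line or blank line
        program, version, proto, port = parts[:4]
        name = parts[4] if len(parts) > 4 else ""
        records.append({"program": int(program), "version": int(version),
                        "proto": proto, "port": int(port), "name": name})
    return records

def missing_nfs_programs(records):
    """Return {program_number: name} for required programs not registered."""
    registered = {r["program"] for r in records}
    return {num: name for num, name in REQUIRED_FOR_NFS.items()
            if num not in registered}

def registered_ports(records):
    """(proto, port) pairs portmap is advertising; these are the ports a
    packet filter has to cover if RPC services must stay inside-only."""
    return sorted({(r["proto"], r["port"]) for r in records})

if __name__ == "__main__":
    recs = parse_rpcinfo(SAMPLE_RPCINFO)
    missing = missing_nfs_programs(recs)
    if missing:
        print("not registered with portmap:", ", ".join(missing.values()))
        print("showmount will fail with 'RPC: Program not registered' until "
              "mountd registers; restart the NFS daemons after portmap.")
    print("advertised (proto, port):", registered_ports(recs))
```

The `registered_ports` listing is also the list of what an outside host can reach through the portmapper, which is the same exposure question as the lpd port in the first part of the thread: everything portmap advertises on non-loopback interfaces needs the same allow-trusted-then-deny treatment.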