
Blocking Ports from showing up in scans



I have a small masq/web server on a DSL.  I would like to make it a bit more
secure.  It's a default install of Debian.  I have NFS and Samba running for
my workstations to have access to the box.  I have most things turned off
like telnet and ftp.  What I would like to do is block a few ports from the
outside, but keep them for the local net.  I don't really want to learn
ipchains, because I don't have the time right now.  I'm very busy, and I
would just like to do my work, but an example of how to do this would teach
me a great deal.  I have not found anything on web searches that would build
the rules for me, that would run on a server without X installed.  If anyone
is willing to do the rules for me, I would really be happy.  Thanks.

eth0 is 10.0.0.1, private
eth1 is public.

My private network is using 10.0.0.x.

ip_masq deb is installed.

I have the following ports open on my server.  I have marked with * the ones
that I want to close off to the outside, and have them not show up in a port
scan.

(The 1505 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh                     
25/tcp     open        smtp                    
53/tcp     open        domain                  
80/tcp     open        http                    
110/tcp    open        pop-3                   
*111/tcp    open        sunrpc                  
113/tcp    open        auth                    
*139/tcp    open        netbios-ssn             
389/tcp    open        ldap                    
443/tcp    open        https                   
*515/tcp    open        printer                 
*829/tcp    open        unknown                 
*899/tcp    open        unknown                 
*983/tcp    open        unknown                 
*2049/tcp   open        nfs                     
*3306/tcp   open        mysql                   
*5432/tcp   open        postgres                

-- 
 _   |       _           
(_()(|('.|)('||.|()|`|(
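
An added example, not part of the original post: a shell script that reads the scan listing above and prints one ipchains rule per starred port, bound to the public interface eth1 so that hosts on eth0 (10.0.0.x) keep their access. The function names and the EXT_IF variable are made up for this example; review the printed rules before running them as root.

```shell
#!/bin/sh
# Added example: build ipchains rules from the starred lines of a scan listing.
# EXT_IF (name chosen for this example) is the public interface; the post says eth1.
EXT_IF="${EXT_IF:-eth1}"

# Scan listing copied from the post; a leading '*' marks a port to hide from outside.
scan_listing() {
cat <<'EOF'
22/tcp     open        ssh
25/tcp     open        smtp
53/tcp     open        domain
80/tcp     open        http
110/tcp    open        pop-3
*111/tcp    open        sunrpc
113/tcp    open        auth
*139/tcp    open        netbios-ssn
389/tcp    open        ldap
443/tcp    open        https
*515/tcp    open        printer
*829/tcp    open        unknown
*899/tcp    open        unknown
*983/tcp    open        unknown
*2049/tcp   open        nfs
*3306/tcp   open        mysql
*5432/tcp   open        postgres
EOF
}

# Read a listing on stdin and print one ipchains command per starred port.
# Only packets arriving on EXT_IF are matched, so the private side is untouched.
gen_rules() {
    awk -v ifc="$EXT_IF" '
        /^\*[0-9]+\/(tcp|udp)[ \t]/ {
            split(substr($1, 2), pp, "/")        # "*111/tcp" -> pp[1]=111, pp[2]=tcp
            port = pp[1] + 0
            if (port < 1 || port > 65535) next   # skip malformed port numbers
            printf "ipchains -A input -i %s -p %s -d 0.0.0.0/0 %d -j DENY\n", ifc, pp[2], port
        }'
}

# Print the rules only; nothing is applied to the running firewall here.
scan_listing | gen_rules
```

DENY drops the packet silently, so an outside scan reports these ports as filtered instead of open. The listing is TCP-only, so UDP services such as portmap and NFS need their own rules.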


