Re: Port 80 Open

To: Debian Firewall <debian-firewall@lists.debian.org>
Subject: Re: Port 80 Open
From: Paolo <oopla@users.sf.net>
Date: Sun, 28 Oct 2007 01:33:35 +0200
Message-id: <[🔎] 20071027233334.GA6948@localhost>
Mail-followup-to: oopla@murphy.debian.org, Debian Firewall <debian-firewall@lists.debian.org>
In-reply-to: <[🔎] 20071027224328.GB13643@elp.rr.com>
References: <[🔎] 20071027224328.GB13643@elp.rr.com>

On Sat, Oct 27, 2007 at 04:43:28PM -0600, Telly Williams wrote:
> 	ports to see what's wrong with it.  Only port 80 comes up as
> 	open, and, apparently, is a security violation.

why? 
 
> 	That's chaffing me, because from what I understand, without port
> 	i80 open I'm not able to get on the WWW, so even if you ARE NOT
> 	running a web server, it still needs to be "open".

not at all.

> 	chain checking the tcp packets for syn and state

you want NEW, syn if you want to serve up something on port 80 else ...

> 	ESTABLISHED,RELATED, the packets being dropped if they don't

... you want just these.

> 	Also, I'm running in stealth (not allowing icmp echo replies or

eh, not quite stealth

> 	requests).  Some of my ports (i.e., 25 and 443) are coming up as
> 	closed.  Why are these ports showing up as closed at all?

why should they be open? are you providing SMTP and HTTPS to the outside?

perhaps providing a bit more info would help (eg iptables-save, interfaces)

--
paolo

Reply to:

References:
- Port 80 Open
  - From: Telly Williams <twilliams001@elp.rr.com>

Prev by Date: Re: Port 80 Open
Next by Date: Re: Port 80 Open
Previous by thread: Re: Port 80 Open
Next by thread: Re: Port 80 Open
Index(es):
- Date
- Thread