Re: Ports to block?

To: debian-security@lists.debian.org
Subject: Re: Ports to block?
From: Adam Spickler <adam@whaddu.com>
Date: Thu, 5 Apr 2001 16:00:58 -0500
Message-id: <20010405160058.A26113@whaddu.com>
In-reply-to: <Pine.LNX.4.21.0104051250560.29975-100000@xenophobe.freaks.com>; from armitage@freaks.com on Thu, Apr 05, 2001 at 12:57:24PM -0700
References: <Pine.LNX.4.21.0104051250560.29975-100000@xenophobe.freaks.com>

I like to look at it the other way around.  "What ports not to block?".  I block ALL ports except for the ones that *I* want to get through.  This increases the security of your firewall, because you have only allowed the ports that YOU want open.

...adam


On Thu, Apr 05, 2001 at 12:57:24PM -0700, Brandon High wrote:
> Does anyone have a recommendation of ports that should be blocked (via
> ipchains/netfilter/etc) to make a system more secure?
> 
> In light of the recent security holes, I did a netstat -an, then lsof -i for
> all ports that were listening and/or UDP. I put a filter in the way of
> everything that I didn't want externally visible, but UDP port 1028 shows
> nothing listening lsof. I blocked it out of principle, but does anyone know
> what it might be?
> 
> -B
> 
> -- 
> Brandon High                                     armitage@freaks.com
> We are Homer of Borg. Resistance is ... Ooo! Donuts!
> 
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 


-------------------------------------------------
Adam Spickler
Whaddu LLC.
http://www.whaddu.com
WebHosting and Design/Development Unlimited
-------------------------------------------------

Reply to:

References:
- Ports to block?
  - From: Brandon High <armitage@freaks.com>

Prev by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by Date: Re: Ports to block?
Previous by thread: Ports to block?
Next by thread: Re: Ports to block?
Index(es):
- Date
- Thread