I'd say to block all the ports you don't need to be available to the world. Just leave opened the essencial ports you need to provide services. Try nmap to see your opened ports. On Thu, Apr 05, 2001 at 12:57:24PM -0700, Brandon High wrote: > Does anyone have a recommendation of ports that should be blocked (via > ipchains/netfilter/etc) to make a system more secure? > > In light of the recent security holes, I did a netstat -an, then lsof -i for > all ports that were listening and/or UDP. I put a filter in the way of > everything that I didn't want externally visible, but UDP port 1028 shows > nothing listening lsof. I blocked it out of principle, but does anyone know > what it might be? > > -B > > -- > Brandon High armitage@freaks.com > We are Homer of Borg. Resistance is ... Ooo! Donuts! > > > > -- > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > >
Attachment:
pgpmlh2Ig8kSv.pgp
Description: PGP signature