Re: Ports to block?
Check out this page for some suggestions too,
-l
http://uw7doc.sco.com/NET_tcpip/filterD.block.html#filterT.block
Pedro Zorzenon Neto in message Re: Ports to block? (Thu, 04/05 17:04):
> I'd say to block all the ports you don't need to be available to the world.
> Just leave opened the essencial ports you need to provide services.
>
> Try nmap to see your opened ports.
>
> On Thu, Apr 05, 2001 at 12:57:24PM -0700, Brandon High wrote:
> > Does anyone have a recommendation of ports that should be blocked (via
> > ipchains/netfilter/etc) to make a system more secure?
> >
> > In light of the recent security holes, I did a netstat -an, then lsof -i for
> > all ports that were listening and/or UDP. I put a filter in the way of
> > everything that I didn't want externally visible, but UDP port 1028 shows
> > nothing listening lsof. I blocked it out of principle, but does anyone know
> > what it might be?
> >
> > -B
> >
> > --
> > Brandon High armitage@freaks.com
> > We are Homer of Borg. Resistance is ... Ooo! Donuts!
> >
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
> >
Reply to: