Re: Ports to block?
Check out this page for some suggestions too,
Pedro Zorzenon Neto in message Re: Ports to block? (Thu, 04/05 17:04):
> I'd say to block all the ports you don't need to be available to the world.
> Just leave opened the essencial ports you need to provide services.
> Try nmap to see your opened ports.
> On Thu, Apr 05, 2001 at 12:57:24PM -0700, Brandon High wrote:
> > Does anyone have a recommendation of ports that should be blocked (via
> > ipchains/netfilter/etc) to make a system more secure?
> > In light of the recent security holes, I did a netstat -an, then lsof -i for
> > all ports that were listening and/or UDP. I put a filter in the way of
> > everything that I didn't want externally visible, but UDP port 1028 shows
> > nothing listening lsof. I blocked it out of principle, but does anyone know
> > what it might be?
> > -B
> > --
> > Brandon High email@example.com
> > We are Homer of Borg. Resistance is ... Ooo! Donuts!
> > --
> > To UNSUBSCRIBE, email to firstname.lastname@example.org
> > with a subject of "unsubscribe". Trouble? Contact email@example.com