
RE: Closing ports...



As mentioned before in this thread, you definitely can specify that junkbuster
should listen only on one address (i.e. 127.0.0.1, or whichever).

On privoxy (which is an evolution of junkbuster, but present only in sid
(?)) I have this in /etc/privoxy/config :
listen-address 127.0.0.1:8118

I can't remember how the config was in junkbuster, but it's documented in the sample
conf file, and it's likely to be the same syntax.

Anyway adding one filtering layer with netfilter is obviously best.


Vincent



> -----Original Message-----
> From: Sergio Rodriguez de Guzman Martinez [mailto:sguzman@inicia.es]
> Sent: Sunday 15 September 2002 21:44
> To: Markus Grunwald; debian-security@lists.debian.org
> Subject: Re: Closing ports...
> 
> 
> You have configured junkbuster to *work* with the local network. If your
> box receives a connection from other place it will give a "Operation not
> permitted" message, but the port is still open to everyone. You can't
> configure it in the /etc/junkbuster/acl (access list). To close the port
> you must use iptables.
> 
> 
> markus.grunwald@gmx.de (2002-09-15 at 1815.04 +0200):
> > Hello, 
> > 
> > using debian-testing, I wanted to secure my internet box. First of all,
> > I wanted to close unnecessary ports. I noticed one thing: With netstat,
> > _all_ ports were open to the whole world:
> > 
> > Proto Recv-Q Send-Q Local Address           Foreign Address         State
> > tcp        0      0 *:6565                  *:*                     LISTEN      8078/junkbuster
> > 
> > But I have configured junkbuster to listen only to my network:
> > deny 0.0.0.0/0
> > permit 192.168.42.0/24
> > 
> > What do I understand wrong here ? TIA !
> > 
> > --
> > Markus Grunwald
> > 
> > Registered Linux User Nr 101577      http://www.grunwald.2xs.de
> > http://counter.li.org                (here pgp/gpg public key)
> 
> 
> 
> -- 
> Sergio Rodríguez de Guzmán Martínez| He who lies soon regrets it.
> sguzman@inicia.es                  | 
> -=Debian GNU/Linux Sid=-   -o)     | 
> Kernel 2.4.17               /\     | 
> on a i686                  _\_v    | 
> PGP Key www.nova1one.com/satai.asc | 
> Registered Linux user number 279084
> 
> 
> 
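
Added example, not part of the original messages: a small Python audit that classifies each TCP listener in netstat-style output by bind scope, showing why `*:6565` stays reachable whatever the junkbuster ACL says while a `listen-address 127.0.0.1:8118` style bind does not. The sample rows other than the junkbuster one are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in netstat layout. The first row mirrors the listener
# quoted in the thread; the other rows are made up for contrast.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name
tcp        0      0 *:6565             *:*              LISTEN  8078/junkbuster
tcp        0      0 127.0.0.1:8118     0.0.0.0:*        LISTEN  912/privoxy
tcp        0      0 192.168.42.1:3128  0.0.0.0:*        LISTEN  1001/proxy
tcp6       0      0 :::22              :::*             LISTEN  640/sshd
tcp6       0      0 ::1:631            :::*             LISTEN  701/cupsd
"""

def bind_scope(local):
    """Classify a 'host:port' local address as wildcard, loopback or specific."""
    host, _, port = local.rpartition(":")
    host = host.strip("[]")
    if host in ("*", "0.0.0.0", "::"):
        scope = "wildcard"          # bound on every interface
    else:
        try:
            loop = ipaddress.ip_address(host).is_loopback
        except ValueError:          # netstat without -n prints names
            loop = host == "localhost"
        scope = "loopback" if loop else "specific"
    return scope, int(port)

def audit(netstat_text):
    """Return (port, scope, program) for every TCP socket in LISTEN state."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue                # header, UDP, or non-listening socket
        scope, port = bind_scope(fields[3])
        program = fields[6] if len(fields) > 6 else "-"
        findings.append((port, scope, program))
    return findings

def exposed(netstat_text):
    """Listeners reachable from any network unless a packet filter blocks them."""
    return [f for f in audit(netstat_text) if f[1] == "wildcard"]

if __name__ == "__main__":
    for port, scope, program in audit(SAMPLE):
        print(f"{port:>5}  {scope:<9} {program}")
```

Anything reported as `wildcard` needs either a narrower listen address in the daemon's own config or a netfilter rule in front of it; an application-level ACL only changes what happens after the connection is accepted.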


