
Re: iptables rules and open ports



Vadim,

I would turn off the services that are using those ports (if you don't need
them).  For instance, port 22 is going to be your ssh daemon listening for
connections.  If you have a standalone workstation, I can't imagine why you
would need ssh running.  I'm not sure what the other ports are.  If you do a
$ netstat -a
it will tell you the name of the ports.  If you're not using them, stop the
services or uninstall the packages that are launching them.
----- Original Message -----
From: "Vadim Kutsyy" <vadim@kutsyy.com>
To: "Debian User" <debian-user@lists.debian.org>
Sent: Monday, February 12, 2001 11:33 PM
Subject: iptables rules and open ports


> I have a standalone workstation without any network, so I am trying to
> keep all ports closed.  I run kernel 2.4 with iptables.  Recent scanning
> (by www.dslreports.com) shows that ports 13, 22, 37 and 9 are open.  Any
> recommendation on how to close them?
>
> Thanks.
>
> My iptables rules:
> --------------------------------------------
> # Insert connection-tracking modules(not needed if built into kernel).
> insmod ip_conntrack
> insmod ip_conntrack_ftp
>
> # Create chain which blocks new connections, except if coming from inside.
> iptables -N block
> iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
> iptables -A block -j DROP
>
> # Jump to that chain from INPUT and FORWARD chains.
> iptables -A INPUT -j block
> iptables -A FORWARD -j block
>
>



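The check the reply describes, as an added example that is not part of the original thread: it filters `netstat -tuln`-style output down to the sockets bound to a non-loopback address, which are the ones to stop or uninstall if unused. The sample lines are constructed around the ports named in the question, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list sockets reachable from off-host, given
# `netstat -tuln`-style output on stdin.

# Constructed sample, modelled on the ports named in the thread.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:9               0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:13              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:37              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.5:22          10.0.0.7:51514          ESTABLISHED
udp        0      0 0.0.0.0:9               0.0.0.0:*
udp        0      0 127.0.0.1:53            0.0.0.0:*
EOF
}

# exposed_listeners: print "proto port" for every listening TCP socket and
# every unconnected UDP socket that is not bound to loopback only.
exposed_listeners() {
  awk '
    $1 !~ /^(tcp|udp)6?$/ { next }            # skip header lines
    $1 ~ /^tcp/ && $6 != "LISTEN" { next }    # TCP: listeners only
    $1 ~ /^udp/ && $5 !~ /:\*$/ { next }      # UDP: unconnected only
    {
      addr = $4
      port = addr; sub(/.*:/, "", port)       # text after the last colon
      host = addr; sub(/:[^:]*$/, "", host)   # text before the last colon
      if (host ~ /^127\./ || host == "::1") next   # loopback-only bind
      print $1, port
    }' | sort -k1,1 -k2,2n -u
}

# Run against the constructed sample only when asked to.
if [ "${1:-}" = "--demo" ]; then sample_netstat | exposed_listeners; fi
```

On a live system, pipe the real output in instead of the sample: `netstat -tuln | exposed_listeners`.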