Re: How secure am I?

To: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>
Cc: Patrick Kirk <patrick@kirks.net>, Debian User List <debian-user@lists.debian.org>
Subject: Re: How secure am I?
From: Marshal Wong <a452640950@h9.dion.ne.jp>
Date: 03 Aug 2001 20:00:54 +0900
Message-id: <[🔎] 85d76ds909.fsf@aldur.ephishmsee.com>
In-reply-to: <[🔎] Pine.HPP.3.95.1010803112412.27904P-100000@elektron.its.tudelft.nl>
References: <[🔎] Pine.HPP.3.95.1010803112412.27904P-100000@elektron.its.tudelft.nl>

Sebastiaan <S.Breedveld@ITS.TUDelft.NL> writes:

> On Fri, 3 Aug 2001, Patrick Kirk wrote:
> 
> > Hi all,
> > 
> > Now that I've ADSL working, I suppose I'd better take a few precautions.
> > 
> > 1. Running woody so is there a Woody specific line to add to sources'list
> > for security updates?
> No real extra hazards.
> 
> > 
> > 2. nmap from a remote host shows the following:
> > Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
> > Interesting ports on host217-35-25-225.in-addr.btopenworld.com
> > (217.35.25.225):
> > Port    State       Protocol  Service
> > 9       open        tcp        discard
> > 13      open        tcp        daytime
> > 21      open        tcp        ftp
> > 22      open        tcp        ssh
> > 25      open        tcp        smtp
> > 37      open        tcp        time
> > 53      open        tcp        domain
> > 79      open        tcp        finger
> > 80      open        tcp        http
> > 111     open        tcp        sunrpc
> > 113     open        tcp        auth
> > 139     open        tcp        netbios-ssn
> > 515     open        tcp        printer
> > 901     open        tcp        unknown
> > 1024    open        tcp        unknown
> > 
> > I see no need to share a printer, port 25, dns or finger with the internet
> > at large.  In fact, I don't know what finger, sunprpc, time, discard,
> > daytime do :-(
> Whoah! This is bad. Edit /etc/inetd.conf and disable every service, except
> exim (you need a mta for your system). That will help. For the other
> ports, think about setting up a firewall.
> 
> Greetz,
> Sebastiaan
> 

Yep, definitely turn of anything you don't need.  If you find out how
to turn off "printer", let me know.  I think lpr, and lprng both need
it to be listening for the print spooler to work.  However, I haven't
figured out how to make it only listen on 127.0.0.1 instead of
everywhere...

If you don't need NFS, (And if you don't know what it is, you probably
don't need it) you can turn off sunrpc.  However, you need to do that
by turning off "portmap" in /etc/init.d.  So you'll have to change
your runlevels a bit.

Good luck.

Marshal

> 
> > 
> > Any suggested URLs apart from the
> > http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated.
> > 
> > Thanks.
> > --
> > Patrick Kirk
> > GSM: +44 7876 560 646
> > ICQ: 42219699
> > 
> > 
> > 
> > -- 
> > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: How secure am I?
  - From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>

Prev by Date: Re: Bus mastering and dual port ethernet
Next by Date: Re: DNS [subtopic: Re: Internet Connection Sharing, was: Re: Ethernet]
Previous by thread: Re: How secure am I? - samba
Next by thread: Re: How secure am I?
Index(es):
- Date
- Thread