Re: How secure am I?
Sebastiaan <S.Breedveld@ITS.TUDelft.NL> writes:
> On Fri, 3 Aug 2001, Patrick Kirk wrote:
>
> > Hi all,
> >
> > Now that I've ADSL working, I suppose I'd better take a few precautions.
> >
> > 1. Running woody so is there a Woody specific line to add to sources'list
> > for security updates?
> No real extra hazards.
>
> >
> > 2. nmap from a remote host shows the following:
> > Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
> > Interesting ports on host217-35-25-225.in-addr.btopenworld.com
> > (217.35.25.225):
> > Port State Protocol Service
> > 9 open tcp discard
> > 13 open tcp daytime
> > 21 open tcp ftp
> > 22 open tcp ssh
> > 25 open tcp smtp
> > 37 open tcp time
> > 53 open tcp domain
> > 79 open tcp finger
> > 80 open tcp http
> > 111 open tcp sunrpc
> > 113 open tcp auth
> > 139 open tcp netbios-ssn
> > 515 open tcp printer
> > 901 open tcp unknown
> > 1024 open tcp unknown
> >
> > I see no need to share a printer, port 25, dns or finger with the internet
> > at large. In fact, I don't know what finger, sunprpc, time, discard,
> > daytime do :-(
> Whoah! This is bad. Edit /etc/inetd.conf and disable every service, except
> exim (you need a mta for your system). That will help. For the other
> ports, think about setting up a firewall.
>
> Greetz,
> Sebastiaan
>
Yep, definitely turn of anything you don't need. If you find out how
to turn off "printer", let me know. I think lpr, and lprng both need
it to be listening for the print spooler to work. However, I haven't
figured out how to make it only listen on 127.0.0.1 instead of
everywhere...
If you don't need NFS, (And if you don't know what it is, you probably
don't need it) you can turn off sunrpc. However, you need to do that
by turning off "portmap" in /etc/init.d. So you'll have to change
your runlevels a bit.
Good luck.
Marshal
>
> >
> > Any suggested URLs apart from the
> > http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated.
> >
> > Thanks.
> > --
> > Patrick Kirk
> > GSM: +44 7876 560 646
> > ICQ: 42219699
> >
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: