Re: Starting iptables

["Mumia W.." <paduille.4060.mumia.w@earthlink.net>]

On 10/19/2006 06:40 AM, L.V.Gandhi wrote:
> On 10/19/06, Mumia W.. <paduille.4060.mumia.w@earthlink.net> wrote:
> > On 10/19/2006 12:39 AM, cothrige wrote:
> > > * John Hasler (jhasler@debian.org) wrote:
> > >> The name is misleading.  Ipmasq configures both NAT and
> > firewalling.  The
> > >> default configuration is suitable for most, but you can tweak the
> > scripts
> > >> to do whatever you need.
> > >>
> > >> However, it is not clear that you need a firewall at all.  If you have
> > only
> > >> the one machine, just don't open any ports.
> > >
> > > I guess I have never really thought about it that way.  I have just
> > > assumed that I was better off for having something like a firewall in
> > > place on any computer connected to the internet.  And I have opened no
> > > ports intentionally, but now I am wondering just how to find out what
> > > ports are open and how they got that way?  Any recommendations?
> > >
> > > Patrick
> > >
> > >
> >
> > This site, http://www.grc.com , has a service called Shields-Up that
> > will help you find out what, if any, ports are open on your computer.
> >
> > Also, "netstat -putl" will let you find out what listening ports are 
> > open.
> >
> > In my machine, following is the output. can you explain the significance
> > of [the] columns? How to interpret it?
> root@lvghomepc:~# netstat -putl
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address
> State       PID/Program name
> tcp        0      0 localhost.localdo:mysql *:*
> LISTEN     4303/mysqld
> tcp        0      0 *:34637                 *:*
> LISTEN     4539/rpc.statd
> tcp        0      0 *:sunrpc                *:*
> LISTEN     3932/portmap
> tcp        0      0 *:auth                  *:*
> LISTEN     4485/inetd
> tcp        0      0 localhost.localdom:smtp *:*
> LISTEN     4475/exim4
> tcp6       0      0 *:ssh                   *:*
> LISTEN     4514/sshd
> udp        0      0 *:32769
> *:*                                4539/rpc.statd
> udp        0      0 *:899
> *:*                                4539/rpc.statd
> udp        0      0 *:bootpc
> *:*                                3913/dhclient
> udp        0      0 *:sunrpc
> *:*                                3932/portmap

(Re-directed to the list.)

Read "man netstat" to get the documentation on netstat. Reveal the port 
numbers using "netstat -putln"

You should go to http://www.grc.com/ and use the Shields-Up service. 
There they talk about the port numbers and their meanings.

On your machine, mysql is listening on tcp port 3306. RPC (Remote 
Procedure Call) is listening on tcp port 34637 and udp ports 32769, 899 
and 111. Sshd is listening on tcp port 22, and exim4 is listening on tcp 
port 25.

Take a look at the GRC site.

--
paduille.4060.mumia.w@earthlink.net