Firewall Configuration in Redhat 9.0

From: Jesse Millan (jessem_at_system-calls.com)
Date: 10/21/03

  • Next message: Mike Koponick: "RE: Firewall Configuration in Redhat 9.0"
    To: redhat-list@redhat.com
    Date: Mon, 20 Oct 2003 16:00:24 -0700
    
    

    I've been having some trouble opening and closing ports. Basically, I
    want to close off all ports except 22 for ssh and 3 other ports to do
    some testing with openmosix. No matter what I do though, the ports that
    I want open stay closed and the ports that I want closed are open.
    (Mostly)

    Port State Service
    22/tcp open ssh
    25/tcp open smtp
    111/tcp open sunrpc
    139/tcp open netbios-ssn
    505/tcp open mailbox-lm
    631/tcp open ipp
    885/tcp open unknown
    4660/tcp open unknown
    6000/tcp open X11
    9158/tcp open unknown
    10000/tcp open snet-sensor-mgmt
    32768/tcp open unknown
    32769/tcp open unknown
    32770/tcp open sometimes-rpc3

    Looks like I don't even have a firewall activated.
    redhat-config-securitylevel is set to medium. If I change it to high
    the same ports are open. Trusted device is set to my network card (eth0);
    nothing is checked except ssh and dhcp. Like I said above, I want a
    couple other ports open for openmosix but I have no "other ports"
    section using redhat-config-securitylevel.

    Other notes, I have iptables service enabled. It starts at boot. Also, I
    have tried to use iptables directly, i.e. iptables -A INPUT -p tcp ...
    etc. Still nothing.

    Thanks in advance.

    -- 
    Jesse Millan
    CNS Server Team
    Portland State University
    Phone: (503) 725-3285
    Fax:   (503) 725-6487
    GPG key: www.system-calls.com/gpg.php
    I wouldn't be so paranoid if you weren't all out to get me!!
    
