Re: Only two services running
Robert Johannes wrote:
> I'm sure you guys can help with this question: When I have only sshd and
> sendmail running, do I still need to configure ipf rules to block access
> to ports that aren't open to begin with? I will be doing NAT for port
> 80; port 80 on the firewall will be redirected to port xxxx on an internal
> machine.
Well, if your netstat -an only lists 22 (ssh) & 25 (sendmail), you don't
need to put in ipf rules to block access to ports, but you'll do so implicitly
when you put a "block in log all" somewhere (remember: deny everything and
open up only what is necessary is the best policy!).
--
Saad
"[...]Unfortunately, many journalists and writers have been fooled
into using the word 'hacker' to describe crackers [...]The basic
difference is: hackers build things, crackers break them".
nodisclaimer
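
An added example, not part of the original message: a default-deny ipf ruleset for the setup discussed in this thread (sshd, sendmail, and a port 80 redirect). The interface name fxp0 and the internal address 192.168.1.10 are assumptions, and XXXX stands for the internal port the question leaves unspecified.

```conf
# ---- /etc/ipf.conf (constructed example) ----
# ipf applies the LAST matching rule unless a rule says "quick",
# so the catch-all block goes first and the exceptions follow it.
block in log all

# Loopback traffic is always allowed.
pass in quick on lo0 all

# The two services running on the firewall itself.
pass in quick on fxp0 proto tcp from any to any port = 22 flags S keep state
pass in quick on fxp0 proto tcp from any to any port = 25 flags S keep state

# Inbound packets are rewritten by ipnat before ipf filters them, so the
# rule for the redirected web traffic must match the internal host and
# port (XXXX is a placeholder), not port 80 on the firewall.
pass in quick on fxp0 proto tcp from any to 192.168.1.10 port = XXXX flags S keep state

# Outbound connections from the firewall, tracked statefully.
pass out quick on fxp0 proto tcp/udp from any to any keep state

# ---- /etc/ipnat.conf (constructed example) ----
# Redirect port 80 arriving on the external interface to the internal machine.
rdr fxp0 0.0.0.0/0 port 80 -> 192.168.1.10 port XXXX tcp
```

With this in place, anything not explicitly passed is dropped and logged, so a service started later by mistake is not reachable from outside even though its port is open locally.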