Re: [fw-wiz] Port 37628....Is it just another port or out of the extra ordinary???
From: Chuck Swiger (chuck_at_codefab.com)
To: email@example.com Date: Wed, 21 Jul 2004 23:07:18 -0400
[ ... ]
To answer the subject, rumor has it that port 37628 is used by the nfslock
service on some common Linux platforms (ie, Redhat). It's probably that or
some other RPC-based service, considering that port 111 also open.
Although it is possible something bad is using that port, I'd start by
checking which services you have enabled. It would have helped if you had
mentioned which version and distribution of Linux you are running, BTW.
> Oh, by the way, just wanted to make sure because I
> have placed the web server in a DMZ port and zone
> from my linksys router and I think but not sure that
> I am being shielded and protected atleast?
Probably not, actually: a machine in the DMZ does not have the firewall rules
protecting it, the router just forwards traffic to the DMZ host as-is.
There are plenty of tools which will do a port scan of your network from
outside: try using one.
> Likewise, I have enabled advanced firewall protection on my
> linksys router.
I think that means you've got a stateful NAT firewall going. It's certainly
useful and functional, but offers no protection for the DMZ host. Use
specific port forwarding rules instead of the DMZ if you want to improve your
security, and/or lockdown unneeded services on your Linux box.
-- -Chuck _______________________________________________ firewall-wizards mailing list firstname.lastname@example.org http://honor.icsalabs.com/mailman/listinfo/firewall-wizards