Re: Locking down UDP port
From: bugtraq@linuxbox.be
Date: 12/27/01
- Previous message: Cami Boyd: "windows XP and firewalls"
- In reply to: Devon Ryan: "Re: Locking down UDP ports"
- Next in thread: H Carvey: "Re: Locking down UDP ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Dec 2001 22:14:12 +0100 (CET)
From: <bugtraq@linuxbox.be>
To: Devon Ryan <dpryan@midway.uchicago.edu>
On Mon, 24 Dec 2001, Devon Ryan wrote:
> Martin Radvany wrote:
>
> >
> > I have a Linux box running Red Hat 7.0 as a firewall. I
> > used a scanner at www.hackerwacker.com to scan the
> > machine. All TCP ports were closed, as expected, but
> > many UDP ports were open and listed as "danger
> > items," ripe for hacker exploits.
> >
> > I can not seem to find any information on how to
> > disable these ports.
> >
>
If you're using ipchains or iptables, just block the UDP ports with
-j REJECT at the end of the rule... but you may need to leave some
UDP ports open... try this, for example (eth0 is the external Internet interface):
for ipchains:
### LET UDP PORT 53 OPEN ###
ipchains -A input -i eth0 -p udp -s 0/0 -d 0/0 53 -j ACCEPT
### SHUT DOWN ALL OTHER PORTS FROM 1><65535 BUT NOT 53 ###
ipchains -A input -i eth0 -p udp -s 0/0 -j REJECT
for iptables:
### LET UDP PORT 53 OPEN ###
iptables -A INPUT -i eth0 -p udp -s 0/0 -d 0/0 --dport 53 -j ACCEPT
### SHUT DOWN ALL OTHER PORTS FROM 1-65535 BUT NOT 53 ###
iptables -A INPUT -i eth0 -p udp -s 0/0 -d 0/0 -j REJECT
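The rules in the reply above accept inbound DNS and reject all other UDP, but they do not admit UDP replies to queries the firewall itself sends out (its own DNS or NTP lookups), which the catch-all REJECT would also drop. The following script is an added example, not part of the original post, that extends the iptables variant with a connection-tracking rule for those replies and takes the list of offered UDP service ports as arguments. It assumes eth0 is the external interface and that the kernel has iptables connection tracking available (the `-m state` match). By default it only prints the rules; set IPT to the real binary to apply them.

```shell
#!/bin/sh
# Added example: build an iptables INPUT policy for UDP on the external
# interface. Prints the rules unless IPT points at the real iptables binary.
IPT="${IPT:-echo iptables}"   # dry run by default; export IPT=iptables to apply

# udp_rules IFACE PORT [PORT...]: emit the UDP rules for IFACE, one per line,
# in the order they must appear in the INPUT chain.
udp_rules() {
    iface="$1"; shift
    # Replies to UDP traffic the firewall itself originated (DNS, NTP
    # lookups) are accepted via connection tracking before the catch-all.
    $IPT -A INPUT -i "$iface" -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Explicitly offered UDP services, e.g. 53 for a public DNS server.
    for port in "$@"; do
        $IPT -A INPUT -i "$iface" -p udp --dport "$port" -j ACCEPT
    done
    # Every other inbound UDP datagram: reject with ICMP port-unreachable so
    # legitimate clients fail fast instead of timing out.
    $IPT -A INPUT -i "$iface" -p udp -j REJECT --reject-with icmp-port-unreachable
}

# rule_count IFACE PORT...: number of rules the policy generates
# (one state rule + one per port + one reject); used for sanity checks.
rule_count() {
    udp_rules "$@" | wc -l | tr -d ' '
}

# Usage: same policy as the post (only UDP 53 offered on eth0), dry run.
udp_rules eth0 53
```

Rule order matters: the ESTABLISHED,RELATED rule must precede the REJECT, and any port you later decide to offer goes on the command line rather than being edited into the REJECT line.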