Re: Port number query

From: Armin Krawinkel (geschrei@gmx.at)
Date: 01/29/03 

From: Armin Krawinkel <geschrei@gmx.at>
Date: Wed, 29 Jan 2003 22:31:32 GMT

Robert Flint wrote:

>
> "Armin Krawinkel" <geschrei@gmx.at> wrote in message
> news:P8LZ9.23920$xv1.294899@news.chello.at...
>> Robert Flint wrote:
>>
>> > I am running a SuSE Linux 8 machine and have started to play with
>> > the firewall settings.
>> >
>> > I want the following services to be available
>> >
>> > SSH
>> > NFS server
>> > Samba server
>> > NIS server
>>
>> you want nfs, samba and nis to be open to the internet? are u
>> crazy? that is like putting a big sign showing "HEY CRACKERS!! HERE
>> I AM!! 0WN MY BOX!!" on your pc
>>
>>
>> > and everything else
>> > blocked.
>>
>> dont start any other services and no other ports will be open.
>>
>>
>> you can find out the portnumbers from /etc/services
>>
>> --
>>
>> Beer....Helping uglY people have sex since 1862!
>
> No, we are on a local LAN behind a corporate firewall but I want to
> be able to protect the machines from internal as well as external
> attack. On a university network you cannot be certain that all the
> 'bad guys' are on the outside!

oh so that is what you need...you should have included this info in
your
original post.

well if you are in a LAN and want IP based control you will almost
certainly
need a nice script with iptables rules.

check out for www.linuxguruz.org...they have good example scripts that
can
easily adapted to fit your needs. read them, read the iptables manpage
and
learn how networking works and you will do well on securing your box. 

-- 
Beer....Helping uglY people have sex since 1862!