Re: Linux vs LinkSys 4 port Cable router

From:
Date: 10/12/02 

Date: Sat, 12 Oct 2002 04:05:31 GMT

On Fri, 11 Oct 2002 18:51:51 -0700, "2Host.com - Robert"
<admin@-NOSPAM-2host.com> wrote:

>
>
>"John (John)" wrote:
>>
>> Guys,
>>
>> I'd like to expand on this thread a tad and ask a related security
>> queston.
>>
>> I have a Linksys router feeding a Linux (Red Hat 7.3) server and some
>> Windows 98 PCs on my LAN.
>>
>> I run wu-ftpd just as a local service to myself (...I know, I know,
>> I'm gonna shift it over to ProFTPD -- honest!). For security, I have
>> hosts.deny set to ALL and hosts.allow set to only permit my local IPs.
>> I also have all the ports closed on the Linksys router. So, bottom
>> line, I don't want, nor do I expect, to have my FTP service exposed to
>> the outside world.
>>
>> So, the question becomes: why do I see listings in my secure log of
>> outside attempts to access my FTP server?
>>
>> The log shows all the outside attempts as "FAIL", so I'm safe, but why
>> am I seeing anything in the log at all? Why doesn't the Linksys router
>> just bounce the probes before the Linux server "sees" them at all?
>>
>> Thanks for any insights you can offer.
>>
>
>You need to deny any outside connections to the FTP port, or they will
>access that service on the system and be denied because their IP isn't
>local. What Linksys router model do you have? What options do you see
>when accessing the router? It should be pretty straight forward. You
>should do this for any service you don't want someone getting into your
>local LAN via a remote connection.
>--
>Regards,
>Robert McGregor - Email: admin@(remove)2host.com. Phone: 530-941-0690
>Server admin, support & programing for shared & dedicated web servers
>Secure, reliable hosting you expect and deserve! http://www.2host.com

Robert,

I have the Linksys BEFSR41 and no ports are forwarded. (FTP was
forwarded at one time, but I made sure that it was not "Enabled" --
the box was unchecked.)

Also, as I mentioned, I have hosts.deny set to ALL with hosts.allow
specifically set to allow only my own, non-routeable, internal LAN IP
addresses.

So, if its more straight forward than that <g>, what am I missing,
here? I'd love to know where I went wrong so I can fix it and, more
importantly, get a better understanding of what I should be doing.

Thanks.

========================
John--
nntp01@helpbizowners.com
========================

Relevant Pages

  • Re: passiver FTP auf windows server 2003
    ... aber nur bestimte Ports per TCP/IP ... Dies ist dann das Problem beim passiven FTP. ... Ich hoffe Du hast noch sowas wie eine Firewall vor dem Server stehen, ...
    (microsoft.public.de.german.windows.server.setup)
  • Re: FTP server behind NAT using Kerio
    ... > I have a Windows 2000 FTP server running behind a Linksys DSL router. ... it is ftp at work. ... > Can I open up a range of outgoing ports for IIS? ...
    (comp.security.firewalls)
  • Re: ServU-deamon trojan warning with McAfee
    ... FTP FTP FTP. ... You did it to yourself by having FTP server on your SBS box without the ... > software didn't pick up this infection altough the DAT file included the ... > document what ports need to be opened and for what reason? ...
    (microsoft.public.backoffice.smallbiz2000)
  • About utility of a firewall with win2000 server
    ... I'm configuring a webserver. ... It will be used exclusively for web services (http and ftp). ... All the ports are opened as soon as an IP adress is affected? ... dans un datacenter. ...
    (microsoft.public.win2000.security)
  • Re: Linux vs LinkSys 4 port Cable router
    ... >> I also have all the ports closed on the Linksys router. ... >> outside attempts to access my FTP server? ... I have the Linksys BEFSR41 and no ports are forwarded. ...
    (comp.os.linux.security)