Linux Employment Opp

Craig White CraigWhite@AzApple.com
Thu, 30 Mar 2000 23:53:11 -0700


Having been violated...I am visiting with some thought...ipchains rules

I am currently blocking the following ports on my external network card...

23  (telnet)
53  (dns)
67  (bootp)
68  (bootp)
137 (netbios)
138 (netbios)

I also noticed that you have to be careful what you log when you are
connecting to @home's shared bandwidth because if you ignore all the jerks
doing endless port scanning, your logs will still multiply like flies in a
Chicago neighborhood if you log activity at ports 67, 68 & 2301.

Obviously, if I want to give internet access to mail, ftp & www, I would
allow ports 25, 110, 21 & 80 (possibly 443) but I'm wondering if I'm missing
some obvious ports that are known to be exploited. Any suggestions?

One other question...if I don't install ssh, is there any benefit to create
a rule for ipchains to DENY/REJECT port 22 or is it meaningless if neither
inetd nor any other daemon monitors it?

Thanks

Craig

----:----|----:----|----:----|----:----|----:----|----:----|
- Craig White - PO Box 8634 - Scottsdale, Arizona - 85252
- e-mail address ................ - CraigWhite@AzApple.com
- world wide web address ........ - http://www.AzApple.com
- e-mail my pager address ....... - 6023779752@airtouch.net
- cellular phone ................ - (602) 377-9752
- voice/facsimile ............... - (480) 945-8445
----:----|----:----|----:----|----:----|----:----|----:----|
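
Added example, not part of the original message: a dry-run shell script that prints ipchains DENY rules for the ports listed in the post, adding the -l (log) flag only for ports outside the set the post describes as flooding the logs. The interface name eth0, the variable and function names, and the choice to cover both tcp and udp for every port are assumptions for illustration.

```shell
#!/bin/sh
# Added example: prints ipchains commands (dry run); it never calls ipchains.
# EXT_IF, BLOCKED, QUIET and the function names are assumptions.
EXT_IF="eth0"                    # assumed name of the external interface
BLOCKED="23 53 67 68 137 138"    # ports the post says are blocked
QUIET="67 68 2301"               # ports the post says flood the logs

# is_quiet PORT: succeeds when PORT is in the QUIET list
is_quiet() {
    for q in $QUIET; do
        [ "$q" = "$1" ] && return 0
    done
    return 1
}

# gen_rules: print one DENY rule per blocked port and protocol.
# Rules for quiet ports omit -l, so the packets are still dropped
# but nothing is written to the kernel log for them.
gen_rules() {
    for port in $BLOCKED; do
        if is_quiet "$port"; then log=""; else log=" -l"; fi
        for proto in tcp udp; do
            echo "ipchains -A input -i $EXT_IF -p $proto -d 0.0.0.0/0 $port -j DENY$log"
        done
    done
}

gen_rules
```

Review the printed rules before piping them to a root shell; 2301 appears only in the quiet list, so no rule is emitted for it unless it is also added to BLOCKED.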