LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[CLUG] So, you think you're safe?

[CLUG] So, you think you're safe?

Donncha O Caoimh donncha.ocaoimh at tradesignals.com
Mon Apr 3 11:07:20 IST 2000 

Yup, it's a lot more than just a static firewall. 
If you use the "atcp" option it listens in on a selected number of ports
(widely dispersed and you can change them yourself) and if anyone
connects to them their IP address is effectively blocked from your
machine. You can't get to them, and they can't get to you! Of course, if
a service is running on one of the ports it's ignored. 

Portsentry is smart enough to handle different protocols
(http/ftp/telnet etc..) and works very well here in work and at home.

Read the docs on the Portsentry homepage for a lot better description!

Oh yeah, don't block ident. ftp servers, Exchange and IIS send ident
requests back to you and might not allow access if it's blocked.

Donncha.


Collins_Paul at emc.com wrote:
> 
> > From: Donncha O Caoimh [mailto:donncha.ocaoimh at tradesignals.com]
> >
> > I wrote a small article on Portsentry, it's available at
> > http://cork.linux.ie/articles/safe.php3
> 
> I set up ipchains on my box at home when I found two telnet attempts in my
> log files.  I've seen a few connect attempts, mostly to port 119 (ident, I
> think), from a machine that appears to be an Exchange server.  Freaky.
> 
> Does PortSentry offer anything above and beyond plain ipchains in terms of
> protection (obviously ipchains won't send you mail if there someone attempts
> to connect to you)?
> 
> The stuff I have done is udp and tcp ports 0-1023 and 6000-6010 set to DENY;
> is there anything else I should be doing?  (I'm thinking about suppressing
> ping replies.)
>

More information about the Cork mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell