You don't need to block any ports if you turn off unneeded services in 
the first place.  (You may only need sshd.)  Put appropriate access 
controls on the services you do provide.  _Then_ consider packet 
filtering.  Packet filtering is only needed if your machine is a 
firewall or if you want to restrict services to selected hosts.  (It can 
also be useful in detecting spoofing.)

T.

Brandon High wrote:

> Does anyone have a recommendation of ports that should be blocked (via
> ipchains/netfilter/etc) to make a system more secure?
> 
> In light of the recent security holes, I did a netstat -an, then lsof -i for
> all ports that were listening and/or UDP. I put a filter in the way of
> everything that I didn't want externally visible, but UDP port 1028 shows
> nothing listening in lsof. I blocked it out of principle, but does anyone know
> what it might be?
> 
> -B


-- 
Timothy H. Keitt
Department of Ecology and Evolution
State University of New York at Stony Brook
Phone: 631-632-1101, FAX: 631-632-7626
http://life.bio.sunysb.edu/ee/keitt/
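
The audit discussed in this thread (list what is listening, then find which process owns each socket), as an added example that is not part of the original messages: it parses the Linux `/proc/net/tcp` and `/proc/net/udp` tables and maps socket inodes to PIDs, so a port with no owner visible to the current user, like the UDP 1028 case, shows up with `None`. The sample table and all function names are constructed for illustration; the address decoding assumes IPv4 on a little-endian host.

```python
import os
import re
import socket
import struct

# Constructed sample in /proc/net/udp format (not captured from a real host).
SAMPLE_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0404 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 4211 2
   1: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 5120 2
"""

def parse_proc_net(text, proto):
    """Yield (proto, ip, port, inode) for listening TCP / unconnected UDP sockets."""
    want_state = "0A" if proto == "tcp" else "07"
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != want_state:
            continue
        hex_ip, hex_port = f[1].split(":")
        # The kernel prints the address as a native 32-bit hex word.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        yield proto, ip, int(hex_port, 16), int(f[9])

def socket_owners(proc="/proc"):
    """Map socket inode -> pid via /proc/<pid>/fd links (run as root to see all)."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        fd_dir = os.path.join(proc, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                m = re.fullmatch(r"socket:\[(\d+)\]", os.readlink(os.path.join(fd_dir, fd)))
                if m:
                    owners[int(m.group(1))] = int(pid)
        except OSError:
            continue                            # process exited or access denied
    return owners

def audit(sockets, owners):
    """Return (proto, ip, port, pid_or_None, exposed_beyond_loopback), sorted by port."""
    rows = [(p, ip, port, owners.get(ino), not ip.startswith("127.")) for p, ip, port, ino in sockets]
    return sorted(rows, key=lambda r: r[2])

if __name__ == "__main__":
    live = []
    for proto in ("tcp", "udp"):
        with open(f"/proc/net/{proto}") as fh:
            live += parse_proc_net(fh.read(), proto)
    for row in audit(live, socket_owners()):
        print(row)
```

Rows where the PID is `None` and the last field is `True` are the ones to track down before deciding whether to disable a service or filter the port.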

