The first thing I do, right off, is block all ports >1024 coming in, then get a list of what's running, and block everything else except those services I want to pass through...

Brandon High wrote:
> Does anyone have a recommendation of ports that should be blocked (via
> ipchains/netfilter/etc) to make a system more secure?
>
> In light of the recent security holes, I did a netstat -an, then lsof -i for
> all ports that were listening and/or UDP. I put a filter in the way of
> everything that I didn't want externally visible, but UDP port 1028 shows
> nothing listening lsof. I blocked it out of principle, but does anyone know
> what it might be?
>
> -B
>
> --
> Brandon High [EMAIL PROTECTED]
> We are Homer of Borg. Resistance is ... Ooo! Donuts!
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
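
The netstat/lsof cross-check described in the quoted message, as an added example that is not part of the original thread: it lists every listening socket that `netstat -an` reports but `lsof -i` attributes to no process. The sample output is constructed, and the function names and the `-n -P` lsof flags are assumptions of this example.

```python
# Constructed sample output, not taken from the post. Assumes `netstat -an`
# and `lsof -i -n -P` (numeric hosts and ports), with lsof run as root.
NETSTAT_AN = """\
Proto Recv-Q Send-Q Local Address     Foreign Address     State
tcp        0      0 0.0.0.0:22        0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:25        0.0.0.0:*           LISTEN
tcp        0      0 192.0.2.10:22     198.51.100.7:40122  ESTABLISHED
udp        0      0 0.0.0.0:514       0.0.0.0:*
udp        0      0 0.0.0.0:1028      0.0.0.0:*
"""
LSOF_I = """\
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd    412 root 3u IPv4    601      TCP  *:22 (LISTEN)
sshd    977 root 4u IPv4   1502      TCP  192.0.2.10:22->198.51.100.7:40122 (ESTABLISHED)
exim    430 mail 5u IPv4    640      TCP  *:25 (LISTEN)
syslogd 398 root 6u IPv4    580      UDP  *:514
"""


def netstat_listeners(text):
    """(proto, port) pairs for TCP LISTEN sockets and unconnected UDP sockets."""
    found = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue  # header or non-inet line
        if (f[-1] == "LISTEN") if f[0] == "tcp" else f[4].endswith(":*"):
            found.add((f[0], int(f[3].rsplit(":", 1)[1])))
    return found


def lsof_owners(text):
    """Map (proto, port) -> set of command names holding that socket open."""
    owners = {}
    for line in text.splitlines():
        f = line.split()
        proto = next((p for p in ("TCP", "UDP") if p in f[1:-1]), None)
        if proto is None:
            continue
        name = f[f.index(proto, 1) + 1]
        if "->" in name or (proto == "TCP" and "(LISTEN)" not in f):
            continue  # connected socket, not a listener
        owners.setdefault((proto.lower(), int(name.rsplit(":", 1)[1])), set()).add(f[0])
    return owners


def unowned_listeners(netstat_text, lsof_text):
    """Listeners netstat reports that lsof attributes to no process."""
    return sorted(netstat_listeners(netstat_text) - set(lsof_owners(lsof_text)))


if __name__ == "__main__":
    print(unowned_listeners(NETSTAT_AN, LSOF_I))
```

Run without root, lsof typically lists only the caller's own sockets, so every other listener would show up in this result.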