On Tue, Dec 04, 2001 at 09:18:09PM +0100, J. Paul Bruns-Bielkowicz wrote:
> Hi,
> I disabled all but a few ports in /etc/services, but I have
> tcp 0 0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064
> ESTABLISHED
> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp open smtp
> 37/tcp open time
> 66/tcp open sql*net
> 80/tcp open http
> 110/tcp open pop-3
> 443/tcp open https
> 3306/tcp open mysql
> open. How can I close ports 111 and 859? They are not enabled in
> /etc/services
> Thanks,
> J. Paul Bruns-Bielkowicz
> http://www.america.prv.pl
>

I suggest ipchains or iptables (depends on kernel version you have).
And then (ipchains example)

    ipchains -A input -p tcp --destination-port 25 -j ACCEPT

(repeat for all ports that have to be open)

    ipchains -A input -j DENY

(this will close the rest without notifying client machine that its packet was filtered)

You may also want to log denied packets (add -l in DENY line), but it can be a lot of stuff so consider it carefully.

More information can be found at ipchains-howto

Jaroslaw Postawa [EMAIL PROTECTED]
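
A check to run alongside the filtering suggested above, as an added example that is not part of the original thread: it reads `netstat -tan`-style output and lists listening TCP ports that are outside the allow-list from the question, with the number of established connections on each. The function names and the sample netstat lines (documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Allow-list of TCP ports, taken from the question above.
ALLOWED_PORTS="25 37 66 80 110 443 3306"

# Constructed sample of `netstat -tan` output (addresses are documentation ranges).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:859             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:111          198.51.100.7:1064       ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:1070       ESTABLISHED
tcp        0      0 192.0.2.10:1033         198.51.100.9:80         ESTABLISHED
EOF
}

# Reads netstat output on stdin and prints "<port> <established-count>" for
# every listening TCP port that is not in ALLOWED_PORTS, sorted by port.
unexpected_ports() {
    awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 !~ /^tcp/ { next }                  # skip headers and non-TCP lines
        {
            port = $4
            sub(/.*:/, "", port)               # local port = text after the last colon
            if ($6 == "LISTEN")           listen[port] = 1
            else if ($6 == "ESTABLISHED") est[port]++
        }
        END {
            # Only ports with a listener count as open services; local ports of
            # outbound connections (1033 in the sample) have none and are skipped.
            for (p in listen)
                if (!(p in ok)) printf "%s %d\n", p, est[p]
        }
    ' | sort -n
}

# Stand-alone run on the constructed sample; on a live host use:
#   netstat -tan | unexpected_ports
sample_netstat | unexpected_ports
```

An empty result means every listening TCP port is on the allow-list; a port that keeps appearing still has a process bound to it, whatever /etc/services contains.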