On Fri, 3 Aug 2001, Patrick Kirk wrote: > Hi all, > > Now that I've ADSL working, I suppose I'd better take a few precautions. > > 1. Running woody so is there a Woody specific line to add to sources'list > for security updates? No real extra hazards.
> > 2. nmap from a remote host shows the following: > Starting nmap V. 2.12 by Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap/) > Interesting ports on host217-35-25-225.in-addr.btopenworld.com > (217.35.25.225): > Port State Protocol Service > 9 open tcp discard > 13 open tcp daytime > 21 open tcp ftp > 22 open tcp ssh > 25 open tcp smtp > 37 open tcp time > 53 open tcp domain > 79 open tcp finger > 80 open tcp http > 111 open tcp sunrpc > 113 open tcp auth > 139 open tcp netbios-ssn > 515 open tcp printer > 901 open tcp unknown > 1024 open tcp unknown > > I see no need to share a printer, port 25, dns or finger with the internet > at large. In fact, I don't know what finger, sunprpc, time, discard, > daytime do :-( Whoah! This is bad. Edit /etc/inetd.conf and disable every service, except exim (you need a mta for your system). That will help. For the other ports, think about setting up a firewall. Greetz, Sebastiaan > > Any suggested URLs apart from the > http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated. > > Thanks. > -- > Patrick Kirk > GSM: +44 7876 560 646 > ICQ: 42219699 > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
