Clifford Hammerschmidt <[EMAIL PROTECTED]> wrote:
>
> >ipchains -A input -j ACCEPT -y -p tcp -s 0.0.0.0/0 20 -d yourip 1024:65535
> 
> This is also the same as -P input ACCEPT...  you're allowing anyone to
> connect from their port 20 (easy enough to spoof) to your box on any
> port above 1023...  not a great idea.

I think he later changed it to encompass only the masq range,
61000-65535, but still, the point is valid.  Even with the looser ruleset,
though, few important services are above the 1024 port range.  The only
ones that come to mind are NFS and X, both of which can be specifically
blocked.  I wouldn't worry so much.

> Someone using NMap could scan all your upper ports easily.

And what would they find there?

-- 
   [EMAIL PROTECTED] (Fuzzy Fox)      || "Nothing takes the taste out of peanut
sometimes known as David DeSimone  ||  butter quite like unrequited love."
  http://www.dallas.net/~fox/      ||                       -- Charlie Brown
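An added example, not code from the thread: a small first-match evaluator in the spirit of ipchains, used to compare the quoted rule, the tightened masq-range version and a variant that blocks NFS and X explicitly. The placeholder address, the port numbers assumed for NFS (2049) and X displays (6000-6063), a DENY default policy and the constructed packets are all assumptions.

```python
# Minimal first-match rule evaluator modelled on ipchains input-chain semantics.
# Added illustration for the thread above; not part of the original mail.
from dataclasses import dataclass

YOURIP = "192.0.2.10"  # placeholder standing in for "yourip" in the rule


@dataclass
class Rule:
    target: str              # "ACCEPT" or "DENY"
    sport: tuple             # inclusive (lo, hi) source-port range
    dport: tuple             # inclusive (lo, hi) destination-port range
    syn_only: bool = False   # ipchains -y: match only connection-opening (SYN) packets


def matches(rule, pkt):
    """pkt is a constructed (source_port, dest_port, syn_flag) triple."""
    sport, dport, syn = pkt
    if rule.syn_only and not syn:
        return False
    return (rule.sport[0] <= sport <= rule.sport[1]
            and rule.dport[0] <= dport <= rule.dport[1])


def verdict(chain, pkt, policy="DENY"):
    """ipchains semantics: the first matching rule decides, else the chain policy."""
    for rule in chain:
        if matches(rule, pkt):
            return rule.target
    return policy


# Rule from the quoted mail: any SYN from source port 20 to any port above 1023.
LOOSE = [Rule("ACCEPT", (20, 20), (1024, 65535), syn_only=True)]
# The later version the reply mentions: only the masquerade range 61000-65535.
MASQ_ONLY = [Rule("ACCEPT", (20, 20), (61000, 65535), syn_only=True)]
# Loose rule kept, but NFS and X denied ahead of it, as the reply suggests
# (assumed ports: NFS 2049, X displays 6000-6063).
LOOSE_WITH_BLOCKS = [
    Rule("DENY", (0, 65535), (2049, 2049)),
    Rule("DENY", (0, 65535), (6000, 6063)),
] + LOOSE

# Constructed packets: spoofed source port 20 aimed at X and NFS, and a real
# active-mode FTP data connection landing in the masquerade range.
SPOOFED_TO_X = (20, 6000, True)
SPOOFED_TO_NFS = (20, 2049, True)
FTP_DATA_MASQ = (20, 61500, True)

if __name__ == "__main__":
    for name, chain in [("loose", LOOSE), ("masq-only", MASQ_ONLY),
                        ("loose+blocks", LOOSE_WITH_BLOCKS)]:
        print(name, [verdict(chain, p) for p in (SPOOFED_TO_X, SPOOFED_TO_NFS, FTP_DATA_MASQ)])
```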