On Friday 20. July 2001 19:17, you wrote:
> I have set up the firewall on a DNS server to HIGH & only open the UDP
> port, but when I ask www.hackerwatch.org/probe to probe the system it
> states that the following ports are open! 21,23,25,80,110,139,143,443
> Is this correct and to be expected?
No, absolutely not. You shouldn't have telnet, FTP, WWW, mail and SMB servers
running on a machine supposed to be a DNS server.
Are you sure the scan was on _your_ machine, not on your ISP's firewall? Did
you check the IP address reported by the scanner?
> How do I close the unwanted ports?
First, run chkconfig to see what services you are running, then shut down any
unnecessary ones. Even better, uninstall the packages you don't need.
> How do I make the system more secure (as secure as is reasonable for a DNS
> server)?
I recommend Bastille-Linux (http://www.bastille-linux.org/) to set up your
firewall configuration and generally harden your system.
--
Markku Kolkka
[EMAIL PROTECTED]
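
The chkconfig check suggested above, as an added example that is not part of the original message: it reads `chkconfig --list` output and reports services enabled at a runlevel that are not on an allow-list for a DNS-only host, including the xinetd-managed ones (where telnet and FTP usually live). The allow-list, the function names and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag boot-time services a DNS-only host does not need.
# ALLOWED is an assumed allow-list; adjust it to your own host.
ALLOWED="named network syslog sshd random crond xinetd"

# audit_services RUNLEVEL   (reads `chkconfig --list` text on stdin)
# Prints "<kind> <name>" for each enabled service not in $ALLOWED.
audit_services() {
    awk -v rl="$1" -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^xinetd based services:/ { in_x = 1; next }
        in_x {
            # xinetd section lines look like "   telnet:  on"; they only
            # matter if xinetd itself is enabled at this runlevel.
            name = $1; sub(/:$/, "", name)
            if (xon && $2 == "on" && !(name in ok)) print "xinetd", name
            next
        }
        NF >= 2 {
            # SysV lines look like "httpd  0:off 1:off 2:off 3:on ..."
            for (i = 2; i <= NF; i++) if ($i == (rl ":on")) {
                if ($1 == "xinetd") xon = 1
                if (!($1 in ok)) print "sysv", $1
            }
        }
    '
}

# Constructed sample of `chkconfig --list` output (not from a real host).
sample_list() {
    cat <<'EOF'
named           0:off   1:off   2:off   3:on    4:on    5:on    6:off
httpd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
smb             0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        telnet: on
        wu-ftpd:        on
        ipop3:  off
EOF
}

if [ "${1:-}" = "--live" ]; then
    chkconfig --list | audit_services "${2:-3}"   # audit the real host
else
    sample_list | audit_services 3                # demo on the sample
fi
```

Each reported SysV or xinetd service can then be disabled with `chkconfig <name> off`; SysV services are stopped with `service <name> stop`, and xinetd needs a reload to drop its sub-services.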