LinuxSA Mailing list archives
From: Richard Sharpe <sharpe@ns.aus.com>
To: LinuxSA@linuxsa.org.au
Date: Thu, 25 Nov 1999 09:49:03 +1000
Subject: Re: linuxconf port 98 - huh?
Hi,
At 09:22 PM 11/25/99 +1030, justin@sprawl.com.au wrote:
>Hi!
>
>On Thu, Nov 25, 1999 at 08:36:33PM +1030, Alan Kennington wrote:
>
>> Boring, no?
>
>Yup. We get regular attempts to ports 143, 1080, etc, etc, too. The usual
>stuff. Attempted telnets as 'root' and ftp logins as 'mp3' are occasionally
>amusing, too. :)
>
>> TCP port 98 is now another port on my list of things
>> to close off.
>
>Cool. May I suggest that a better approach is to block *everything*, and then
>let through the ports that you need? i.e. for a webserver on a ppp
>link/ethernet:
>
>allow inbound tcp port 80 (http)
>allow inbound tcp port 22 (ssh)
>deny all other inbound access over the ppp link
>allow/forward all access from ethernet interface
Yes, this is pretty tight. Standard rule of thumb in security:
paranoia rules!
You might allow inbound tcp port 24 (smtp) with smap or a very recent
version of sendmail or postfix behind it.
>This protects you a lot more against stuff you don't know about, and is faster
>and easier to maintain.
>
>--
>justin viiret <justin@sprawl.com.au> phone: +61 8 8379 2492
>cyburbia network services - web tech mobile: 0412 222 585
>sprawl technologies - human interface fax: +61 8 8379 1400
>http://jv.sprawl.com.au/ adelaide, australia
Regards
-------
Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-),
Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
Co-author, SAMS Teach Yourself Samba in 24 Hours
Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course
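
The default-deny argument from the thread above, as an added example that is not part of the original messages: a small first-match filter model comparing "close port 98" against the quoted allow list, probed with the ports and services the thread mentions. The interface names `ppp0`/`eth0` and all function and variable names are assumptions.

```python
"""Added example: first-match packet filter model comparing two policies."""
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    iface: Optional[str] = None    # None matches any interface
    port: Optional[int] = None     # None matches any inbound TCP port

    def matches(self, iface: str, port: int) -> bool:
        return self.iface in (None, iface) and self.port in (None, port)

def decide(rules, default, iface, port):
    """Return the action of the first matching rule, else the default policy."""
    for rule in rules:
        if rule.matches(iface, port):
            return rule.action
    return default

# Assumed interface names; the thread only says "ppp link" and "ethernet".
PPP, ETH = "ppp0", "eth0"

# Approach 1: default allow, close ports as they show up in the logs.
BLOCKLIST = ([Rule("deny", PPP, 98)], "allow")

# Approach 2: the rules quoted in the thread, with a default-deny policy.
ALLOWLIST = ([Rule("allow", PPP, 80),    # http
              Rule("allow", PPP, 22),    # ssh
              Rule("deny", PPP),         # deny all other inbound over ppp
              Rule("allow", ETH)],       # allow everything from ethernet
             "deny")

def exposed(policy, ports, iface=PPP):
    """Ports from `ports` that the policy lets in on `iface`."""
    rules, default = policy
    return sorted(p for p in ports if decide(rules, default, iface, p) == "allow")

# Constructed probe list: the ports and services named in the thread
# (ftp 21, ssh 22, telnet 23, http 80, linuxconf 98, 143, 1080).
PROBES = [21, 22, 23, 80, 98, 143, 1080]

if __name__ == "__main__":
    print("default-allow, port 98 closed:", exposed(BLOCKLIST, PROBES))
    print("default-deny allow list:      ", exposed(ALLOWLIST, PROBES))
```

Closing port 98 alone still leaves every other probed port reachable over the ppp link, while the allow list exposes only 22 and 80 without naming any of the unwanted ports.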