Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Port 37628....Is it just another port or out of the extra ordinary???

From: Chuck Swiger <chuck () codefab com>
Date: Wed, 21 Jul 2004 23:07:18 -0400
InHisGrip wrote:
[ ... ]
To answer the subject, rumor has it that port 37628 is used by the nfslock service on some common Linux platforms (ie, Redhat). It's probably that or some other RPC-based service, considering that port 111 also open.
Although it is possible something bad is using that port, I'd start by checking which services you have enabled. It would have helped if you had mentioned which version and distribution of Linux you are running, BTW. 


Oh, by the way, just wanted to make sure because I
have  placed the web server in a DMZ port and zone
from my linksys router and I think but not sure that
I am being shielded and protected atleast?
Probably not, actually: a machine in the DMZ does not have the firewall rules protecting it, the router just forwards traffic to the DMZ host as-is.
There are plenty of tools which will do a port scan of your network from outside: try using one. 


Likewise, I have enabled advanced firewall protection on my
linksys router.
I think that means you've got a stateful NAT firewall going. It's certainly useful and functional, but offers no protection for the DMZ host. Use specific port forwarding rules instead of the DMZ if you want to improve your security, and/or lockdown unneeded services on your Linux box. 

--
-Chuck
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: