Firewall Wizards mailing list archives

Re: Port 37628....Is it just another port or out of the extra ordinary???

From: "Paul D. Robertson" <paul () compuwar net>
Date: Thu, 22 Jul 2004 06:48:16 -0400 (EDT)

On Wed, 21 Jul 2004, InHisGrip wrote:

Incidentally, you mentioned about nfslock, since I
don't use nfs or network file system in my small home
network would it be advisable for me to comment this
out from xinetd, disable this service or just leave it
as it is?


Kill everything you don't use, including xinetd.  RH-based variants use
chckconfig so that the system doesn't turn it back on after an upgrade.

Same goes with port 111, sunrpc port and port 773,
notify service, shall I leave these alone too?


Kill -9 'em all and let init sort them out...

Nuke away.

The only services I have enabled are web service and
mail service plus kernel compile and development
options. I hope what I have selected has nothing to do
with the ports that are under question here?


netstat will tell you what's listening, though I prefer using lsof, which
is something I put on almost every *nix system I install.

should have been, based on the listening port above,
would my other PC's get compromised or be subjected to
attack?


"It depends."

Well, I just thought of putting the web server in a
DMZ host and port to protect my other PC's. Since this
is a bastion host which will be accessible for
everyone, the only safeguard I was thinking of is tcp
wrappers, along side with the firewall rules of the
linux box, plus limited permissions on certain
directories.


Keep it in the DMZ, that's where it belongs...

What would you suggest? I am just an intermediate
linux user and would love some feedback from you or
anyone else who are advanced users to linux gurus.


Keep Apache and SSL (if enabled) up to date, along with libc and the
resolver.  Build your own Apache, and disable all the extra stuff you
don't use- especially PHP if you're not active using it.  If you are
actively using it, then you're probably going to be vulnerable at some
point...

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 21)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Chuck Swiger (Jul 22)
  - Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 22)
    - Re: Port 37628....Is it just another port or out of the extra ordinary??? Paul D. Robertson (Jul 22)
  - Re: Port 37628....Is it just another port or out of theextra ordinary??? Kerry Thompson (Jul 23)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Luca Berra (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Devdas Bhagat (Jul 22)
- <Possible follow-ups>
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 23)
  - Re: Port 37628....Is it just another port or out of the extra ordinary??? Victor Williams (Jul 25)
    - Re: Port 37628....Is it just another port or out of the extra ordinary??? Mark Tinberg (Jul 26)
    - Re: Port 37628....Is it just another port or out of the extra ordinary??? R. DuFresne (Jul 26)
    - Re: Port 37628....Is it just another port or out of the extra ordinary??? Marcus J. Ranum (Jul 27)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? vbwilliams (Jul 26)
  - Re: Port 37628....Is it just another port or out of the extra ordinary??? Mark Tinberg (Jul 26)

(Thread continues...)