Full Disclosure mailing list archives
Re: closing ports
From: hena <hena () hack fi>
Date: Fri, 07 Nov 2003 15:30:56 +0200
Hi. if your running linux try something like iptables -t filter -A INPUT -p tcp -s 0.0.0.0 --syn -j REJECT --reject-with tcp-reset this way you get ALL the ports closed, even the local range ports and still have a working connection, then open the ones you need to have open. The --syn flag drops all packets that have syn bit enabled and ack bit not(these are the connection initiation packets). On Fri, 2003-11-07 at 09:50, Christ-Henning Ljosheim wrote:
Hi I am new in this group (from Norway) Do you have any tips for which ports I should close to held my network clean for intruders ? I've closed port 1214 and 6881 to 6889 . Anyone else I should close ? Chris
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- closing ports Christ-Henning Ljosheim (Nov 07)
- Re: closing ports Charles E. Hill (Nov 07)
- Re: closing ports Valdis . Kletnieks (Nov 07)
- Re: closing ports hena (Nov 07)
- Re: closing ports Valdis . Kletnieks (Nov 07)
- Re: closing ports Blue Boar (Nov 07)
- <Possible follow-ups>
- Re: closing ports marko (Nov 07)
- RE: closing ports Anjan Dave (Nov 07)