Michael Banck wrote: > huh, my protscan shows this: > > Interesting ports on Blackbird (127.0.0.1): > Port State Protocol Service > 9 open tcp discard > 13 open tcp daytime > 21 open tcp ftp > 23 open tcp telnet > 25 open tcp smtp > 37 open tcp time > 111 open tcp sunrpc > 119 open tcp nntp > 139 open tcp netbios-ssn > 757 open tcp unknown > 1024 open tcp unknown > 1025 open tcp listen > 6000 open tcp X11 > > first of all, what are these "unknown" entries about? these ports are > not listed in /etc/services.
What i do is run the command "lsof | grep 757" to see what process is on that port. i believe that is a NFS/rpc service though. > > and then, I use my machine as a gateway to the Internet, so is this > ipchains-chain alright or do I need more firewalling? > ipchains -A input -p tcp -i ippp0 -y -l -j DENY > > ippp0 is my ISDN-device. that looks as if it would probably work.(im not an ipchains expert) I would suggest scanning your ppp IP with nmap to see what is accessable to the outside world. if for some reason ipchains isn't blocking it, i would block everything except ftp, telnet, smtp (unless u don't need them then block them too) on my machine (portal.aphroland.org, DSL) i have SSH, ftp, http, and auth(port 113, for irc) open everything else is firewalled shut. And that box has a _LOT_ of things running, probably 50 open ports if i didn't firewall it. > Thanks a lot, sure, glad to help! nate -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
