Vadim,

I would turn off the services that are using those ports (if you don't need them). For instance, port 22 is going to be your ssh daemon listening for connections. If you have a standalone workstation, I can't imagine why you would need ssh running. I'm not sure what the other ports are. If you do a $ netstat -a it will tell you the name of the ports. If you're not using them, stop the services or uninstall the packages that are launching them.

----- Original Message -----
From: "Vadim Kutsyy" <[EMAIL PROTECTED]>
To: "Debian User" <debian-user@lists.debian.org>
Sent: Monday, February 12, 2001 11:33 PM
Subject: iptables rules and open ports
> I have a stand alone workstation without any network, so I am trying to
> keep all ports closed. I run kernel 2.4 with iptables. Recent scanning
> (by www.dslreports.com) shows that ports 13, 22, 37 and 9 are open. Any
> recommendation on how to close them?
>
> Thanks.
>
> My iptables rules:
> --------------------------------------------
> # Insert connection-tracking modules (not needed if built into kernel).
> insmod ip_conntrack
> insmod ip_conntrack_ftp
>
> # Create chain which blocks new connections, except if coming from inside.
> iptables -N block
> iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
> iptables -A block -j DROP
>
> # Jump to that chain from INPUT and FORWARD chains.
> iptables -A INPUT -j block
> iptables -A FORWARD -j block
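The advice in the reply, worked through as an added example (not code from either poster): map each scanned port to its service name, see whether inetd is what serves it, and produce an inetd.conf with those entries commented out. The /etc/services excerpt uses the standard assignments for ports 9, 13, 22 and 37; the inetd.conf contents, and the assumption that the three low ports are inetd's built-in services, are constructed for illustration.

```shell
#!/bin/sh
# Added example. Both samples below are constructed, not from the poster's machine.

# Excerpt in /etc/services format (standard assignments for the scanned ports).
services_sample() {
cat <<'EOF'
discard  9/tcp   sink null
daytime  13/tcp
ssh      22/tcp
time     37/tcp  timserver
EOF
}

# Assumed inetd.conf: built-in small services enabled, echo and ftp already off.
inetd_sample() {
cat <<'EOF'
#echo    stream tcp nowait root internal
discard  stream tcp nowait root internal
daytime  stream tcp nowait root internal
time     stream tcp nowait root internal
#ftp     stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd
EOF
}

# Print "port service owner" per scanned port; owner is "inetd" when an
# uncommented inetd.conf entry exists for the service, otherwise "other"
# (a standalone daemon such as sshd, to be stopped through its own package).
classify_ports() {
    for port in "$@"; do
        name=$(services_sample | awk -v p="$port/tcp" '$2 == p { print $1; exit }')
        [ -n "$name" ] || name=unknown
        if inetd_sample | awk -v n="$name" '$1 == n { hit = 1 } END { exit !hit }'; then
            echo "$port $name inetd"
        else
            echo "$port $name other"
        fi
    done
}

# Print the inetd.conf with the entries behind the given ports commented out.
disable_in_inetd() {
    names=$(classify_ports "$@" | awk '$3 == "inetd" { printf "%s ", $2 }')
    inetd_sample | awk -v names="$names" '
        BEGIN { n = split(names, a, " "); for (i = 1; i <= n; i++) off[a[i]] = 1 }
        ($1 in off) { print "#" $0; next }
        { print }'
}

classify_ports 9 13 22 37
disable_in_inetd 9 13 22 37
```

On a real system the same edit goes into /etc/inetd.conf and inetd has to reread its configuration before netstat -a stops listing those ports.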