Re: Starting iptables

Thu, 19 Oct 2006 10:29:27 -0700 

On 10/19/2006 06:40 AM, L.V.Gandhi wrote:

On 10/19/06, Mumia W.. <[EMAIL PROTECTED]> wrote:


On 10/19/2006 12:39 AM, cothrige wrote:
> * John Hasler ([EMAIL PROTECTED]) wrote:
>> The name is misleading.  Ipmasq configures both NAT and
firewalling.  The
>> default configuration is suitable for most, but you can tweak the
scripts
>> to do whatever you need.
>>
>> However, it is not clear that you need a firewall at all.  If you have
only
>> the one machine, just don't open any ports.
>
> I guess I have never really thought about it that way.  I have just
> assumed that I was better off for having something like a firewall in
> place on any computer connected to the internet.  And I have opened no
> ports intentionally, but now I am wondering just how to find out what
> ports are open and how they got that way?  Any recommendations?
>
> Patrick
>
>

This site, http://www.grc.com , has a service called Shields-Up that
will help you find out what, if any, ports are open on your computer.


Also, "netstat -putl" will let you find out what listening ports are 
open.


In my machine, following is the output. can you explain the significance
of [the] columns? How to interpret it?

[EMAIL PROTECTED]:~# netstat -putl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address
State       PID/Program name
tcp        0      0 localhost.localdo:mysql *:*
LISTEN     4303/mysqld
tcp        0      0 *:34637                 *:*
LISTEN     4539/rpc.statd
tcp        0      0 *:sunrpc                *:*
LISTEN     3932/portmap
tcp        0      0 *:auth                  *:*
LISTEN     4485/inetd
tcp        0      0 localhost.localdom:smtp *:*
LISTEN     4475/exim4
tcp6       0      0 *:ssh                   *:*
LISTEN     4514/sshd
udp        0      0 *:32769
*:*                                4539/rpc.statd
udp        0      0 *:899
*:*                                4539/rpc.statd
udp        0      0 *:bootpc
*:*                                3913/dhclient
udp        0      0 *:sunrpc
*:*                                3932/portmap



(Re-directed to the list.)


Read "man netstat" to get the documentation on netstat. Reveal the port 
numbers using "netstat -putln"



You should go to http://www.grc.com/ and use the Shields-Up service. 
There they talk about the port numbers and their meanings.



On your machine, mysql is listening on tcp port 3306. RPC (Remote 
Procedure Call) is listening on tcp port 34637 and udp ports 32769, 899 
and 111. Sshd is listening on tcp port 22, and exim4 is listening on tcp 
port 25.


Take a look at the GRC site.

--
[EMAIL PROTECTED]


--

To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
























					Reply via email to