Matthew Micene wrote: > > On Mon, 11 Sep 2000, you wrote: > > Since the foreign address is 0.0.0.0, does that mean that these > > ports are accessable by the world? Port 515 is the print > > spooler, so it sounds bad that that should be world accessable. > > You'd better believe it. And if you want it to get worse, open an X > Window session and watch X pop up on port 6000 and xfs on port 2046 I > think. This is why EVERYONE running a linux box (at home or otherwise) > needs to have a firewall installed of some sort. One solution is > tcpserver as a replacement for inet super server because it supports > binding to a specific interface or address. It is limited in the fact > that it only handles TCP protocols. > > As far as X and xfs go ... pass the -nolisten tcp to your startx script as > a server arg and X will no longer listen on the network for connections. > xfs will take -udpPort 0 to to turn off network requests, but I still > haven't found a good place in prefdm or the like to pass that arg > automatically. If anyone has any tips please post them. "netstat -an --inet | grep LISTEN" says that port 139 (NETBIOS session service) is listening to the world, but "ipchains -L" says this: [root 13:06:16 /home/me (4000.87KB)]# ipchains -L Chain input (policy ACCEPT): target prot opt source destination ports REJECT udp ------ anywhere indi0.indi.se.verio.net/24 any -> 113 DENY tcp ------ anywhere anywhere any -> netbios-ns:netbios-ssn DENY udp ------ anywhere anywhere any -> netbios-ns:netbios-ssn Does this mean that even though netbios-ssn is listening on 113 that ipchains will block any outside requests? (BTW, I guess samba needs netbios-ssn for my internal LAN, which has Windows boxen sharing disks & printer.) Ron -- +----------------------------------------------------------+ | Ron Johnson, Jr. Home: [EMAIL PROTECTED] | | Jefferson, LA USA WWW : [EMAIL PROTECTED] | | | | Most overused words: feel, cool/kewl, fun, myBlah.com | | Most underused word: think | +----------------------------------------------------------+
Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
