On 10-Jul-2001 civileme wrote:
> On Tuesday 10 July 2001 09:25, Arman Khalatyan wrote:
>> Hallo!
>> How to close some ports...
>> I have Mandrake 7.2 with 2.4.1 kernel.
>> #############################################################
>> [arm2arm@icas> arm2arm]$ nmap localhost
>> Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
>> Interesting ports on localhost.localdomain (127.0.0.1):
>> (The 1514 ports scanned but not shown below are in state: closed)
>> Port State Service
>> 21/tcp open ftp
>> 23/tcp open telnet
>> 25/tcp open smtp
>> 110/tcp open pop-3
>> 113/tcp open auth <-- I want to close this one
>> 443/tcp open https
>> 513/tcp open login
>> 1024/tcp open kdm <-- I want to close this one
>> 6000/tcp open X11 <-- I want to close this one
>> ##############################################################
>> Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
>>
>> Bests ArMan.
>
> Would you settle for filtered?
>
> Closing the ports means the server is not running. Stop kdm and you won't be
> logging in to graphics window managers; stop X and you won't have any
> graphics system, and stop auth and you won't be able to login.
>
>
> iptables -I 1 -t filter INPUT -p tcp -s !127.0.0.1 --dport 6000 DROP
> iptables -I 1 -t filter INPUT -p tcp -s !127.0.0.1 --dport 113 DROP
> iptables -I 1 -t filter INPUT -p tcp -s !127.0.0.1 --dport 1024 DROP

that should be -j DROP and not just DROP (perhaps it will still work but the
correct syntax is -j)
there's a nice howto on iptables and packet filtering at
netfilter.filewatcher.org or look at the ipchains howto at linuxdocs.org (which
can give you additional hints on packet filtering)

> Those are fairly strict rules--ssh logins will not be possible externally, nor
> will exports through xhost (where your screen appears on some other
> computer).
> Now you have a problem. 72 does not have iptables, but that is what kernel
> 2.4 uses. I am unsure how to activate ipchains for kernel 2.4, and I think
> you would be well-advised to seek out and compile the tarballs or source rpms
> for iptables since the 8.0 mandrake cannot supply the binaries.
>
there's a module ipchains in kernel 2.4 which will enable use of the ipchains
command (you could still use ipfwadm with the ipfwadm module...)
----------------------------------
E-Mail: Gregor Maier <[EMAIL PROTECTED]>
Date: 10-Jul-2001
Time: 11:57:06
----------------------------------
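
The rules discussed in this thread, written with the `-j` target from the reply and the chain name directly after `-I`, as an added example that is not part of the original messages. The function names and the `APPLY` variable are assumptions of this example; it only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example (not from the thread): build iptables rules that drop
# non-loopback-sourced TCP traffic to the ports named in the original post.

# Print the rule spec (everything after the -I/-C action) for one TCP port.
# Rejects anything that is not an integer in 1..65535.
rule_spec() {
    case "$1" in
        ''|*[!0-9]*|??????*) echo "invalid port: $1" >&2; return 1 ;;
    esac
    if [ "$1" -lt 1 ] || [ "$1" -gt 65535 ]; then
        echo "port out of range: $1" >&2
        return 1
    fi
    # "! -s" is the current spelling of the thread's "-s !127.0.0.1".
    echo "-p tcp ! -s 127.0.0.1 --dport $1 -j DROP"
}

# Print the full command for each port, inserted at position 1 of INPUT.
build_rules() {
    for port in "$@"; do
        spec=$(rule_spec "$port") || return 1
        echo "iptables -t filter -I INPUT 1 $spec"
    done
}

# Apply the rules (needs root). -C checks whether the rule already exists,
# so re-running the script does not stack duplicate rules.
apply_rules() {
    for port in "$@"; do
        spec=$(rule_spec "$port") || return 1
        # Word splitting of $spec is intended here.
        iptables -t filter -C INPUT $spec 2>/dev/null ||
            iptables -t filter -I INPUT 1 $spec
    done
}

# Dry run by default: print the commands for the three ports in the post.
if [ "${APPLY:-0}" = 1 ]; then
    apply_rules 113 1024 6000
else
    build_rules 113 1024 6000
fi
```

After applying, `iptables -L INPUT -n --line-numbers` lists the inserted rules, and a scan from another host should report the three ports as filtered while `nmap localhost` still shows them open.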