In addition to pmfirewall (and yes, the URL is correct) I would visit
www.psionic.com and download portsentry and logcheck. Hostsentry is a good
utility also.
Portsentry will listen to all the ports to detect port scanning, and react
in less than a second to block the IP address of the offending host.
I use both pmfirewall and portsentry and when I had www.hackerwhacker.com
run a harsh external nmap scan on my machine, portsentry block hackerwhacker
and they couldn't finish the scan. Actually, a good thing... but i think I
should have set their IP to ignore in portsentry just so I could get the
results...no big deal at this point. It works just great!
--Greg
> If you have a NEW installation of LM 7.1 and the security is set to low,
you
> will have a fairly open system. You need to install a method to close
these
> ports from ipchains. I would recommend using a very easy utility called
> pmfirewall. It saved me lots of time and did about 90 percent of the work
> for me in the firewall I just set up for a HUGE customer. I think that
the
> url is www.pointman.org This is the direction I would point you in for
> security....Also, I would recommend some reading on the ipchains,
> masquerading, and firewalling HOWTOs. These are really great reading from
a
> security standpoint.
>
> Steve Weltman
> (from Beijing)
> ----- Original Message -----
> From: "Goldenpi" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, August 24, 2000 2:02 AM
> Subject: [newbie] Why are these ports open?
>
>
> > While I was testing a portscaner on localhost(Why do you think I got
> linux?)
> > I noticed my new installation is running remote login, ftp, and some
other
> > services. Why are these open, and how do I close them.
> >
> >
>
>
______________________________________________________________________________
Vous avez un site perso ?
2 millions de francs à gagner sur i(france) !
Webmasters : ZE CONCOURS ! http://www.ifrance.com/_reloc/concours.emailif
