On Thu, 19 Aug 2004 19:44:06 -0600, Dana J. Laude <[EMAIL PROTECTED]> wrote:
> Or better yet, Jon should checkout the following link:
> http://www.debian.org/doc/user-manuals#securing
>
> The harden-doc is outdated except on unstable, so you're better
> off reading the online version at the above
On Tuesday 21 September 2004 11:57, Tom Allison wrote:
> [EMAIL PROTECTED] wrote:
> >>If a port is open, and associated with a program which isn't from a
> >>debian package and you don't believe you put it there yourself -
> >> its time to consider the possibility your machine has been
> >> comprom
On Wednesday September 22 at 02:36pm
Dave Howorth <[EMAIL PROTECTED]> wrote:
> Tom Allison wrote:
> > More importantly today is to understand how 99.9% of the virus and
> > malware is transmitted today. It's not through unfiltered ports and
> > such as described in your original email, but throu
Tom Allison wrote:
More importantly today is to understand how 99.9% of the virus and
malware is transmitted today. It's not through unfiltered ports and
such as described in your original email, but through the email
mechanism (or http) itself. And while I don't have any hard numbers at
my d
On Tuesday 21 September 2004 04:57, Tom Allison wrote:
> > At the risk of provoking the usual "WELL GO RUN WINDOWS THEN!!!"
> > knee-jerk reaction, I will mention that the Gatesware-based firewall
> > packages (like "Zone Alarm") will detect *outgoing* connection attempts
> > and query whether the
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
ShieldsUP! isn't a firewall, it's just a service which port scans you and
tells you the results.
Mezig said:
> [EMAIL PROTECTED] wrote:
>
> For a fast but supposed secure FW, can't you use 'ShieldUP' from the site :
>
> http://www.grc.com/ ? It close all the ports under nux and win-sheet too
> :(!
[EMAIL PROTECTED] wrote:
On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <[EMAIL PROTECTED]>
said:
In any case, I've as yet been unable to find any way of getting
detection and authorization of outgoing requests with any
of the Linux firewalls, or with IPtables - although I can hardly say
that
I've
On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <[EMAIL PROTECTED]>
said:
> >In any case, I've as yet been unable to find any way of getting
> >detection and authorization of outgoing requests with any
> >of the Linux firewalls, or with IPtables - although I can hardly say
> >that
> >I've thoroughly
rsday, 26 August 2004 9:07 a.m.
To: [EMAIL PROTECTED]
Subject: Re: All these open ports
> So what are exactly are you worried about? A program uploading
> sensitive data to a random server? Well the easiest way for a program
> to do that is to invoke sendmail to e-mail the information to
> So what are exactly are you worried about? A program uploading
> sensitive data to a random server? Well the easiest way for a program
> to do that is to invoke sendmail to e-mail the information to the
> server. In which case the program never attempts to open a port, your
> m-t-a does. Yo
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
<>
In an
> If a port is open, and associated with a program which isn't from a
> debian package and you don't believe you put it there yourself - its
> time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of provoking the usu
Jon Dowland wrote:
On Fri, 13 Aug 2004 21:56:17 -0400, Tong <[EMAIL PROTECTED]> wrote:
Hi,
I've just noticed that my debian testing open many ports by default:
How can I close them?
Firstly open up the rc file for your inetd (e.g. /etc/inetd.conf) and
comment out any lines you don't need. This sho
On Fri, 13 Aug 2004 21:56:17 -0400, Tong <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I've just noticed that my debian testing open many ports by default:
>
> How can I close them?
Firstly open up the rc file for your inetd (e.g. /etc/inetd.conf) and
comment out any lines you don't need. This should do
Generally speaking, to close a port, you shut down whatever deamon is
listening on it. For example, if you had port 80 open, and want to
close it, shut down your web server (apache or whatever else).
Same with ssh - to close that port, shut down sshd.
On Fri, 13 Aug 2004 21:56:17 -0400, Tong <[EM
On Fri, 13 Aug 2004 23:55:46 -0600, s. keeling wrote:
> Incoming from [EMAIL PROTECTED]:
>>
>> >I've just noticed that my debian testing open many ports by default:
>> >
>> >tcp0 0 *:dict *:* LISTEN
>>
>> I'm curious which utility produced th
[EMAIL PROTECTED] wrote:
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard *:
Hello
Tong (<[EMAIL PROTECTED]>) wrote:
> I've just noticed that my debian testing open many ports by default:
Some of them are opened by inetd. You can use "dpkg-reconfigure inetd",
or edit /etc/inetd.conf and comment out the protocols you don't need.
After that, restart inetd.
> tcp0
Incoming from [EMAIL PROTECTED]:
>
> >I've just noticed that my debian testing open many ports by default:
> >
> >tcp0 0 *:dict *:* LISTEN
>
> I'm curious which utility produced that listing; I haven't seen "lsof"
> produce that - ?
That woul
>I've just noticed that my debian testing open many ports by default:
>
>tcp0 0 *:dict *:* LISTEN
>tcp0 0 *:time *:* LISTEN
>tcp0 0 *:discard *:*
On Fri, Aug 13, 2004 at 09:56:17PM -0400, Tong wrote:
> Hi,
>
> I've just noticed that my debian testing open many ports by default:
Uninstall the respective services. Or, use a firewalling system
(dedicated firewall, iptables, etc...)
To find out what service uses what port:
stefan:~$ sudo l
23 matches
Mail list logo