On Thu, Jan 03, 2002 at 03:09:12PM -0800, Ricardo Anguiano wrote: > > is there any reason to open them up? > > Only if you are running something that listens on udp ports. Check with > lsof.
<rant_mode=1> Bad! Security starts with everything turned off. You only open what you need! There's a lot of crap that netstat -an or lsof will find. turn off unused crap in /etc/inetd.conf. turn off nfs, nfs.statd, rpciod, portmap, etc. uninstall telnetd, fingerd, pidentd, etc (typical post potato install). change /etc/hosts.deny to ALL:ALL, add what you need back into /etc/hosts.allow. netstat -an until there is *NOTHING* listening and running that you don't clearly understand and know you need. There is nothing worse about security than the *assumption* that you're secure because you made a few passing overatures at securing your box. Know your box, network, daemons, needs, etc! </rant mode> <!-- rand mode=1 blatantly stolen from www.linuxtoday.org --> Sorry for the rant. It should serve as a good newbie security intro though. -- Ted Deppner http://www.psyber.com/~ted/ _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
