[plug] Security

Damion Hill dhill at wantree.com.au
Wed Jun 16 16:27:54 WST 1999 

Christian wrote:
> 
> My reading of Damion's original email was that he was using the machine
> purely as a workstation and didn't feel that he needed to have many (if
> any) network services running on it.  In which case, a firewall is a
> nice "bunny rug" but little else.  Also, as John pointed out, CGI
> scripts represent an avenue for attacking a system which your average IP
> filtering firewall wouldn't help with (although in Damion's case he
> quite possibly won't be running a web server in which case this is not
> so relevant).  Either way, my original point was that in Damion's
> situation a firewall is probably of little benefit.
> 

Thanks to all who have made suggestions, it's great to see that we do
have options with linux as opposed to Windows were you get the box only.

I followed Christian's suggestion about running netstat to see what was
open and found 12 tcp ports listening. Some I expected, others caused me
to have another look at config and some just baffle me.

The open ports are :- ppp connection to wantree, 6000, 1024, mysql, www,
printer, ged:domain, linuxconf, auth, time, login and shell.

I hadn't realised that linuxconf was open (closing soon). It is listed
in inetd.conf below the comment about the end of the file. Port 80 and
the mysql port are open because I'm playing with php3 and mysql for work
and I also like the ability to have my own private web server (boys and
toys). My assertion about using this box as a workstation is technically
incorrect based on this but I don't intend for the server to publish on
to the other side of my dial-up link.

The other ports I imagine are all OK if not necessary to have open for
basic functioning. The two that I don't know about are 1024 and 6000.
I'm guessing from a previous post that 6000 is the xserver. 1024 is one
that I know is signifigant but I have no idea why or what listens on
this port.

It looks like I will have to do some reading up on ipchains and ip
forwarding as I intend to build an experimental network in the coming
months that will have a linux base with a netware server and linux and
Win95/98/NT/2000B3 clients (not all at once, the Win machine will suffer
mpd as it is rebuilt time and time again - hey! sounds like a normal
installation!)

Thanks again for the help!

Damion.

-- 
Damion Hill
dhill at wantree.com.au

More information about the plug mailing list