Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My users are not able to send email to AOL accounts based AOL's new spam policy. The server information I'm receiving from AOL is based on an open port 3128 on my web server. I have edited my services file in /etc and added port 3128 based on IANA's listing of port 3128. Before I made the change to the services file I could connect to my web server address with port 3128. After rebooting my web server I'm not able to connect which is good. I get a "connection to host lost" message. I should be getting a "could not open connection to host on port 3128 connect failed"
Is there something else I should do? AOL tech's can't give me any more info.
3128 is typically the proxy port for squid. Are you running squid? If yes, set the access list so that only clients on your internal network can connect or shut it down if it's not needed.
Ok, I see it running on my Unix SCO box but not my web server Linux box. If I try to telnet to my web server address with port 3128 I get a connection to host lost. I don't want to connect to port 3128. Well, I mean AOL is telling me I have port 3128 open.
I have found out that I'm not using squid. I'm guessing I need to close the port using an ipchain. Can you give me an example of how to close port 3128 using an ipchain.
!!!!!!Finally!!!!!! after further digging I have closed port 3128.
I have a Cobalt Qube 3 (Sun). I disabled web caching and that eliminated port 80 to being redirected to port 3128.
The standard Linux ipchains utility intercepts HTTP requests and redirects the requests to the squid program. Non-HTTP traffic is routed through the server appliance normally, without redirection.
Disabling the web caching service disabled the ipchains utility to redirect web traffic and disabled squid to cache the web traffic.
By default, port 3128 is open facing both the LAN and the Internet. Now my firewall is working correctly.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.