Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just made my old computer into a Router/Firewall using Firestarter. I checked the firewall with the Shields Up website and it showed just a few "stealthed" ports, about 3 opened ports, and all the rest showed "closed." It said that all the ports should be "stealthed."
The opened ports really worried me. It showed OpenSSH(which I use locally), DNS(not sure if I need), and some unknown port in the 800's as opened. The only ports I have open in firestarter are port forwarded to my other pc, and that's just azureus, limewire, and a game(these were the only stealthed ports). I also set firestarter to always accept connection from my local IP.
I thought firestarter is supposed to block all inbound connections unless they're specifically allowed?
After this, I did set it to block all ICMP services and ran sheilds up again, and this time it showed everything as "stealthed." I don't know if this will cause any problems or not though? Is my system now firewalled or not?
Distribution: Ubuntu 12.04, Debian Squeeze, Windows 7
Posts: 67
Rep:
**I'm a neWb plz bear with me**
This isn't directly related to the thread and related problem but includes issues with Firestarter, open ports, security, and ultimately Azureus.
I use Firestarter despite the understanding that Ubuntu (my current *nix), by default, closes all incoming ports. I have opened port 6881 for Azureus although Firestarter 'warns' it is open to anyone. At night I leave my torrents on the net to be seeded and on numerous occasions I wake up to see that various high numbered, random ports are open as an active connection ("unkown" apps/service), including various connections, as expected, on port 6881. Finally, they, according to Firestarter, stay active after Azureus is terminated. Is this a serious problem? Any ideas as to why the ports stay open? Related at all to exploits or bugs in Azureus?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Quote:
Originally Posted by badmofo666
Those all said I passed too. But...
I don't see how just filtering ICMP would close my open ports?
Or were these ports really open?
Because it blocked the out-bound "ICMP port unreachable" errors. It's not any more secure, it just made the scanner happy.
You should check your firewall configuration to see what it's set to block and allow. If SSH is really opened from the Internet, that might not be what you wanted.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.