Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was made to understand that trojans and flooders have ports, where can i get the full list of this trojans and flooders and their ports numders so that i can block them with iptables.
It is not possible to do so. You will grow old blocking all the trojans . There are ports required for software to work but which trojans also use. What would you do then? Its not possssible to block off port 80 ? Sure no work would enter through port 80 but no one would be able to reach your webserver either.
However what you should rather be doing is allowing all you want on your firewall/router/blocking device and blocking everything else with a "deny all" rule right at the end.
I was made to understand that trojans and flooders have ports, where can i get the full list of this trojans and flooders and their ports numders so that i can block them with iptables.
No such thing as a "full list". Any port that is open is liable for attack. Rather than trying to figure out what to exclude you should figure out what to include. That is to say use iptables to turn off ALL ports then modify it to turn on only those you need. So if you don't have a web application (e.g. Apache) on the box there is no reason to open port 8080 or 443. If you do then you'd open the specific port needed.
Also be sure to turn off unecessary/insecure services. (e.g. telnet - use ssh instead, or ftp - use scp/sftp instead).
Indeed they are, here's the notice to the OP: Please post your thread in only one forum and only once. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. These threads have been merged because they are duplicates.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
. There are ports required for software to work but which trojans also use. What would you do then? Its not possssible to block off port 80 ? Sure no work would enter through port 80 but no one would be able to reach your webserver either.
