I want to close all unnecessary ports on my linux box, i.e. other than 80, 21, 25, i want all the others closed.

I want telnet to be disabled as I want only SSH

I use apache,mysql,modssl,php,ftp,smtp... so please advise me of the most amount of ports i may lock.

Oh and please include info on how to actually close the ports!

Cheers

For a start:

You'll have to set up a script file named firewall.rc.config in /etc/rc.d/ in which you configure your firewall. This is done using ipchains or iptables (since Kernel 2.4) I haven't figured out the exact syntax of the tools yet, but you'll probably have a good start reading the manuals in /usr/lib/... That's at least what I will do in the near future. (I'm working on the same task)

Concerning the ports: You do have to know which services you want to provide on the server. There is already some sort of list typed down in SuSe Linux so you can use commands like

Accept port_FTP (This for sure isn't the right syntax though.) Also try checking out linuxdoc.org for howtos on firewalling. They provide some simple setups using IPChains.

Hope this will get you going!

The easiest way to shut down a port is to remove the software completely. If these is no software to open the port you will NEVER have a problem. Otherwise just turn off the services that you don't use.

If you don't want telnet then by shutting it down or removing the package you will have effectively shut down port 23.

And then when you set up your firewall, block these ports anyways for good measure.