LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-15-2004, 08:04 PM   #1
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 459

Rep: Reputation: 30
holes in firewall?


I just downloaded a nice little (huge actually 40pgs) firewall.... nice interface, easy to setup etc... http://projectfiles.com/firewall/

but when scanning open ports I noticed UDP ports 135, 137, 138, 139 (netbios) and 1080 (IRC) have all be left open. Is this something I should worry about?
 
Old 10-16-2004, 02:37 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
when scanning open ports I noticed UDP ports 135, 137, 138, 139 (netbios) and 1080 (IRC) have all be left open. Is this something I should worry about?

Depends. If you are not running Samba, then there is no reason to have the netbios ports open at all. If you are running Samba, then those ports should be open only to the neccessary hosts on your network. Either way, the Samba ports should not be open to the internet in general (Samba isn't really designed as a security hardened server application). If your are not running an IRC server, then you should not have that port open either.

In general, to close a udp port:

iptables -I INPUT -p udp --dport <port_number> -j DROP

So to close udp port 135:

iptables -I INPUT -p udp --dport 135 -j DROP

Just goes to show you that a large firewall script does not equal a good firewall. I've seen plenty of small, concisely written firewall scripts that are very effective. Also I probably wouldn't use stuff from Viginia Tech, you never can trust those Hokies
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Poking holes in my Firewall for SMB shares Mr. Slappy SUSE / openSUSE 7 06-20-2005 01:53 PM
Firewall full of holes. Proxy authentication ? fipeso Linux - Security 3 05-07-2005 03:05 AM
Files with holes alltime Programming 3 03-13-2005 03:33 PM
Punching holes through the RedHat 9 firewall fturcic Linux - Security 2 03-11-2005 01:15 AM
Poking Holes in Linux Firewall, Kernel 2.2 moochoo59 Linux - Security 2 04-13-2004 08:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration