I was wondering why is letting ports open such a big deal?
I'm not into hacking so I really don't understand what could constitute a security risk or not. I'm always told P2P groups are security risks and you shouldn't leave ports open. The only thing I can think of why ports open would be an issue is if you downloaded some hidden server software that resides on your computer which can give potential hackers access to your computer. Are there other reasons? Also I'm working on a server-client program that needs the data to be encrypted. I have some encryption algorithms for it but I'd like to test if it works since all I see is the end result. I heard about programs that allow you to watch data transfers from one computer to another. Which do you think is the best one?
Opening ports on a computer is like adding more doors in a building. While you may have security features such as cameras, locks, guards, etc. in place to monitor and control who enters the building, the extra doors are still possible points of entry for unauthorized people. In a secure environment, you want to remove as many undesired access points as possible. Even if your software does not contain "hidden server software" (as you put it), it may still be vulnerable to buffer overflows, poor configuration, or just plain faulty design.
As far as your encryption questions go, I hate to answer questions with questions, but are you using well known and tested algorithms such as Blowfish, Twofish, AES, etc? Or did you create your own algorithm?
Well, in my opinion, there are two kinds of open ports. There are open ports with software actively listening for new incoming connections; these are bad if you're not actually in need of the service (SMTP is a great example: if you're only sending mail, why would you want SMTP open?).
And then you get those ports that are open to the firewall, meaning if some arbitrary program binds to the port and starts listening, it will be able to receive connections. These are bad because, as you say, you might be trojaned. Also, it makes port scanning easier.
My suggestion? Use iptables, or something similar, to DROP all packets you are not interested in and only ACCEPT those that you do care about.
As for encryption on network connections, I have used OpenSSL and have found it a great tool, it works brilliantly, and is relatively easy to figure out.
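The two kinds of open port described in the reply above, as an added example that is not part of any poster's message: this Python audit compares listening sockets from `/proc/net/tcp` with an `iptables-save` dump. The sample data is constructed, the function names are hypothetical, and it assumes IPv4, a little-endian host, and single-port `--dport` ACCEPT rules.

```python
import re

# Constructed sample data for a hypothetical host (not taken from the thread).
PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 00000000:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   105        0 1003 1
   3: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004 1
"""
IPTABLES_SAVE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6881 -j ACCEPT
COMMIT
"""

def listening_ports(proc_text):  # LISTEN sockets bound to a non-loopback address
    ports = set()
    for line in proc_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != "0A":     # 0A is the LISTEN state
            continue
        addr_hex, port_hex = fields[1].split(":")
        if not addr_hex.endswith("7F"):              # little-endian hex: 127.x.x.x ends in 7F
            ports.add(int(port_hex, 16))
    return ports

def firewall_view(rules_text):  # (INPUT policy, TCP ports with an ACCEPT rule)
    policy = re.search(r"^:INPUT (\w+)", rules_text, re.M).group(1)
    ports = {int(p) for p in re.findall(
        r"^-A INPUT\b.*-p tcp\b.*--dport (\d+)\b.*-j ACCEPT$", rules_text, re.M)}
    return policy, ports

def audit(proc_text, rules_text):
    listening = listening_ports(proc_text)
    policy, accepted = firewall_view(rules_text)
    if policy == "ACCEPT":  # default-accept: every listener is reachable
        return {"reachable": listening, "filtered": set(), "unclaimed": set()}
    return {
        "reachable": listening & accepted,   # first kind: a service is answering
        "filtered": listening - accepted,    # listener exists, firewall drops it
        "unclaimed": accepted - listening,   # second kind: whoever binds gets traffic
    }

if __name__ == "__main__":
    print(audit(PROC_NET_TCP, IPTABLES_SAVE))
```

On a real host, feed it the contents of `/proc/net/tcp` and the output of `iptables-save`; ports under `unclaimed` are ACCEPT rules worth removing if no service needs them.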
I'm using Blowfish since I heard it was pretty secure. I will check out OpenSSL though. Thanks for the suggestion of Ethereal, I'll check that out as well.