Well, iptables -nvL is:
Code:
Chain INPUT (policy DROP 173 packets, 21686 bytes)
pkts bytes target prot opt in out source destination
3955 471K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
356 23920 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
256 15120 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 80,443,21,22
65 4585 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
41 2943 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- eth0 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP all -- eth0 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth0 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth0 * 202.105.179.9 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 52 packets, 3668 bytes)
pkts bytes target prot opt in out source destination
4198 747K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
661 48297 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 25,80,443,21,22
0 0 ACCEPT icmp -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
41 2943 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
Network setup is:
GW@ISP <---->Server Running Linux RH9.
Nmap output is:
[me@myserver]# nmap -v -O A.B.C.D
Starting nmap 3.81 (
http://www.insecure.org/nmap/ ) at 2008-03-26 00:39 BDT
Initiating SYN Stealth Scan against myserver.tld (A.B.C.D) [1663 ports] at 00:39
Discovered open port 443/tcp on A.B.C.D
Discovered open port 21/tcp on A.B.C.D
Discovered open port 53/tcp on A.B.C.D
Discovered open port 80/tcp on A.B.C.D
Discovered open port 22/tcp on A.B.C.D
Discovered open port 3306/tcp on A.B.C.D
Discovered open port 111/tcp on A.B.C.D
Discovered open port 20/tcp on A.B.C.D
The SYN Stealth Scan took 0.06s to scan 1663 total ports.
For OSScan assuming port 20 is open, 1 is closed, and neither are firewalled
Host myserver.tld (A.B.C.D) appears to be up ... good.
Interesting ports on myserver.tld (A.B.C.D):
(The 1655 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
20/tcp open ftp-data
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
443/tcp open https
3306/tcp open mysql
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 0.222 days (since Tue Mar 25 19:20:48 2008)
TCP Sequence Prediction: Class=random positive increments
Difficulty=3467244 (Good luck!)
IPID Sequence Generation: All zeros
Nmap finished: 1 IP address (1 host up) scanned in 2.311 seconds
Raw packets sent: 1679 (67.4KB) | Rcvd: 3371 (136KB)
[me@myserver]#
Now I dont want ppl to check my open ports and check my OS since recently i'm facing bruteforce attacks and the attacker knows that the system is a linux.