Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 01-15-2004, 10:28 AM   #1
LQ Newbie
Registered: Jul 2003
Posts: 6

Rep: Reputation: 0
Newbie Security, Nmap and Hosts.Allow

I am running a firewall/gateway called Clarkconnect, behind which are two MAC os X machines and one linux fedora core 1 machine. I don't think that I run any services on the clarkconnect box that I don't need, i.e. no web server etc. That's what the others are for !.

I ran nmap on both eth0 and eth1 on the Clarkconnect box and found the following ports open on both interfaces.

22/ tcp sshd
81/tcp hosts2-ns
82/tcp xfer
2000/tcp callbook

I did a little searching on the net and the last three seem pretty benign services, but nonetheless, I want to shut 82 and 2000 down and close off access to 22 and 81 except from one of my mac os x machines. I can use the webconfig on the clarkconnect box to close off ports 82 and 2000.

I think that I can close the other two in iptables and/or in hosts.allow and hosts. deny. So my question is, is this the recommended way to do this?

in my firewall script rc.firewall i thought I would add the following

$IPTABLES -A INPUT -i $INSIDE -s -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT
$IPTABLES -A FORWARD -i $INSIDE -s -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT

In hosts access control lists i thought I would add the following:




ALL: (this being the ip of the MAC os X machine)

Could someone tell me if these are done correctly? Also will I cut off web access on port 80 to the other machines? Thanks for your help
Old 01-16-2004, 02:59 AM   #2
Registered: Jan 2004
Posts: 54

Rep: Reputation: 15
if you want to close of all ports except for the 22 and 81 ...i suggest you do

$IPTABLES -A INPUT -p tcp -i $INSIDE -s --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i $INSIDE -s --dport 81 -j ACCEPT


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
nmap ? how do i do nmap in linux ? command not found abbasakhtar Linux - Newbie 2 01-02-2011 01:08 AM
NFS security with /etc/hosts.deny supernode Linux - Security 8 10-22-2005 09:51 AM
security newbie, but not Linux newbie. advice on secure delete tools mattie_linux Linux - Security 19 08-15-2005 01:50 AM
newbie learning NMAP, NESSUS, NIKTO amrogers3 Linux - Newbie 1 01-28-2004 03:55 PM
nmap security sam00 Linux - Security 8 01-02-2004 08:32 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:43 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration