Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hi
how can i check my network security. i mean the port which
are open and how can i close them. and which port i should
not close for browsing and other general stuff.
Last edited by win32sux; 10-13-2008 at 10:06 PM.
Reason: Removed spammed link.
hi
how can i check my network security. i mean the port which
are open and how can i close them. and which port i should
not close for browsing and other general stuff.
You open ports by having something listen on them. You close them by not having something listen on them. If you are referring to firewalling, the official Linux firewall tools are Netfilter/iptables. The de facto standard port scanner for GNU/Linux is Nmap. To surf the Web you don't need to have any listening processes, hence no ports open (you can safely firewall all of your external ports). If you want to filter access from your box to remote ports which aren't related to Web surfing then you could start by blocking all except TCP 80 (HTTP), TCP 443 (HTTPS), and UDP 53 (DNS).
Hi Jani,
You can also go to www.grc.com. There's lots of Windows stuff there, but you can use some of the services as well in Linux. Click on Shields Up and you can test your firewall for leakage. Just walk through the process.
The site is a bit cluttered with lots of free Windows apps and an excellent Hard Drive test/repair app called SpinRight that he sells, so you have to look closely.
You can test the 'common' port range and also the higher ports very quickly, also file sharing, etc.
Ports show as 'open': [very bad]; 'closed': [better, but less than ideal]; or 'stealthed': [as good as it gets].
I have been using Steve's resources for years in Windows, but the port scans, firewall testing and Harddrive app are all very applicable to Linux as well.
Have fun. Check it out if you like and maybe you can get a much better idea of your vulnerabilities and assets.
Best,
fallsoff
Ports show as 'open': [very bad]; 'closed': [better, but less than ideal]; or 'stealthed': [as good as it gets].
That test is pitched for clients only, and for someone running services it would automatically give them a 'very bad' rating which may not be true.
Security goes deeper than what ports are open or closed. Think of it like a drive-thru, for example McDonald's. You drive up, there are windows. Some are open, some closed. There are ones open where the person stands to take your money, and another where you get your food. If it's busy at that time, maybe they have two money windows or two or more food windows. Another time it is slow, and those windows aren't used: the person is not standing there and so the window is closed. But what would happen if you closed the window when someone was standing there? You'd not get your food, or couldn't pay, and so on.
The idea of open/closed ports seems to be throw-back from Windows, where mystery services ran unknown to the user, and you needed an outside service to scan you because you couldn't trust what your OS was telling you it was running (for example, port 1025/tcp).
Hi, and thanks for the info,
XP ships with open SOCKETS and that is a major risk. GRC has free apps to close them and also does the port scanning. True it is only a small part of a layered approach to security issues.
I just like to see how effective my firewall is and what ports might be open for informational purposes. Some of the Linux apps I have tested there have had open ports and others are stealthed. PClinuxOS was sealed tight.
I like having that quick scan information. I have had my system sniffed at a Hotspot more than once and nothing was accessed because of diligence on my part that included closing XP sockets and checking on the firewall periodically. With Linux I like using GRC as a point of reference regarding the port situation. I havent been sniffed yet but I expect it sooner or later.
To that end I use GRC as a simple test on the port and firewall issues. The layered defense goes much deeper than that.
Thanks again
fallsoff
ps
By the way do you know of a simple Linux VPN that allows browsing from the browser and following links on out from there. I used HotSpotShield in XP and loved it. In Linux I have not been able to find anything similar yet.
I like having that quick scan information. I have had my system sniffed at a Hotspot more than once and nothing was accessed because of diligence on my part that included closing XP sockets and checking on the firewall periodically. With Linux I like using GRC as a point of reference regarding the port situation. I havent been sniffed yet but I expect it sooner or later.
What exactly do you mean by "sniffed"?
Quote:
By the way do you know of a simple Linux VPN that allows browsing from the browser and following links on out from there. I used HotSpotShield in XP and loved it. In Linux I have not been able to find anything similar yet.
If you seriously can't find a thread which recommends a solution for this type of application, please start a new thread to ask your question. Don't add off-topic questions into existing threads.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.