Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
10-03-2006, 10:46 PM
|
#1
|
|
Member
Registered: Mar 2004
Location: Texas, USA
Distribution: Ubuntu 12 (notebook), Debian Squeeze (home server), OpenSuse 12 (desktop)
Posts: 96
Rep: 
|
Sheilds up shows opened ports with Firestarter?
I just made my old computer into a Router/Firewall using Firestarter. I checked the firewall with the Shields Up website and it showed just a few "stealthed" ports, about 3 opened ports, and all the rest showed "closed." It said that all the ports should be "stealthed."
The opened ports really worried me. It showed OpenSSH(which I use locally), DNS(not sure if I need), and some unknown port in the 800's as opened. The only ports I have open in firestarter are port forwarded to my other pc, and that's just azureus, limewire, and a game(these were the only stealthed ports). I also set firestarter to always accept connection from my local IP.
I thought firestarter is supposed to block all inbound connections unless they're specifically allowed?
After this, I did set it to block all ICMP services and ran sheilds up again, and this time it showed everything as "stealthed." I don't know if this will cause any problems or not though? Is my system now firewalled or not?
|
|
|
|
|
10-04-2006, 02:38 AM
|
#2
|
|
Member
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Pop!_OS && Windows 10 && Arch Linux
Posts: 833
|
I wouldn't trust grc so much, there is lots of better scans around.
Nessus scan:
http://www.it-sec.de/vulchke.htm
Different pings and Dos packets.
http://www.pcflank.com/scanner1s.htm
Normal tcp - udp scan.
http://scan.sygate.com/
Test with these if you have any open ports.
Last edited by //////; 10-04-2006 at 02:39 AM.
|
|
|
|
|
10-05-2006, 07:24 AM
|
#3
|
|
Member
Registered: Mar 2004
Location: Texas, USA
Distribution: Ubuntu 12 (notebook), Debian Squeeze (home server), OpenSuse 12 (desktop)
Posts: 96
Original Poster
Rep:
|
Those all said I passed too. But...
I don't see how just filtering ICMP would close my open ports?
Or were these ports really open?
|
|
|
|
|
01-01-2007, 10:37 PM
|
#4
|
|
Member
Registered: Dec 2006
Location: In the middle of the ocean.
Distribution: Ubuntu 12.04, Debian Squeeze, Windows 7
Posts: 67
Rep:
|
**I'm a neWb plz bear with me**
This isn't directly related to the thread and related problem but includes issues with Firestarter, open ports, security, and ultimately Azureus.
I use Firestarter despite the understanding that Ubuntu (my current *nix), by default, closes all incoming ports. I have opened port 6881 for Azureus although Firestarter 'warns' it is open to anyone. At night I leave my torrents on the net to be seeded and on numerous occasions I wake up to see that various high numbered, random ports are open as an active connection ("unkown" apps/service), including various connections, as expected, on port 6881. Finally, they, according to Firestarter, stay active after Azureus is terminated. Is this a serious problem? Any ideas as to why the ports stay open? Related at all to exploits or bugs in Azureus?
|
|
|
|
|
01-02-2007, 01:53 AM
|
#5
|
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Quote:
|
Originally Posted by badmofo666
Those all said I passed too. But...
I don't see how just filtering ICMP would close my open ports?
Or were these ports really open?
|
Because it blocked the out-bound "ICMP port unreachable" errors. It's not any more secure, it just made the scanner happy.
You should check your firewall configuration to see what it's set to block and allow. If SSH is really opened from the Internet, that might not be what you wanted. |
|
|
|
All times are GMT -5. The time now is 08:17 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
