It depends on what kind of Tor service you are providing or using. If you are providing a bridge, guard, middle node, or exit relay then you need a way for other computers to contact your Tor service. That means a single port should be opened, but not a port range.
If you are just running the Tor Browser Bundle then you don't need any special rules for the INPUT chain as far as Tor is concerned. However, if you are running any kind of relay, then you need to be reachable on the one port that you've configured Tor to listen to.
But in general, only the last rule in the chain should be a blanket REJECT.
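A check for the two rules of thumb in the reply above (one open port rather than a range, and a blanket REJECT only as the last rule), added here as an example that is not part of the original thread. It reads output in the format of `iptables -S INPUT`; the helper name `audit_input_chain`, the sample rule sets and port 9001 are constructed for illustration.

```shell
#!/bin/sh
# Added example. audit_input_chain is a hypothetical helper name.
# Real use: iptables -S INPUT | audit_input_chain

# Constructed samples (not from the thread). 9001 is an assumed relay port.
SAMPLE_BAD='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9001:9050 -j ACCEPT'

SAMPLE_GOOD='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable'

# Prints one finding per line; returns 0 when the chain is clean, 1 otherwise.
audit_input_chain() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
        n++; target = ""; matches = 0; range = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); i++ }
            else if ($i == "--reject-with") { i++ }   # option of REJECT, not a match
            else {
                matches++
                if (($i == "--dport" || $i == "--dports") && $(i + 1) ~ /[:,]/) range = 1
            }
        }
        # Blanket rule: REJECT or DROP with no match criteria at all.
        blanket[n] = ((target == "REJECT" || target == "DROP") && matches == 0)
        if (target == "ACCEPT" && range) { print "rule " n ": opens a port range or list: " $0; bad++ }
    }
    END {
        # Rules placed after a blanket REJECT/DROP are never evaluated.
        for (r = 1; r < n; r++)
            if (blanket[r]) { print "rule " r ": blanket REJECT/DROP before the end; rules " (r + 1) "-" n " never match"; bad++ }
        if (!blanket[n] && policy != "DROP") { print "chain does not end in a blanket REJECT/DROP"; bad++ }
        exit (bad > 0)
    }'
}

printf '%s\n' "$SAMPLE_BAD" | audit_input_chain || echo "-> bad sample needs fixing"
printf '%s\n' "$SAMPLE_GOOD" | audit_input_chain && echo "-> good sample is clean"
```

For a desktop that only runs Tor Browser, the same check applies with the `--dport` ACCEPT line removed from the good sample.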
I just use TorBrowser. I never run any Bridge or...
Can you make a short list of which services you are running that need to listen for an outside connection? For example, do you have OpenSSH server or Apache2?
Or is the machine more or less a standard desktop?
A staple of diagnosing this sort of thing is tcpdump, or better yet a GUI tool like Wireshark.
You need to see the packets as they come and go, even though you cannot read their content. You need to see what comes in and what is subsequently done to it. It is very difficult by comparison to deduce this: there are simply too many players in the game, even with a small (home) network.
No, it is just a standard desktop and I like to secure it against hackers. As you see, my current rules are good and are doing scanner blocking via iptables.