spezticle
06-07-2010 12:13 AM
This file, as said below, looks wrong to me anyway; it says here to reject all sources on all destinations? Changing from reject to allow didn't help ports being shown as open, though. They all time out, per the report from http://www.whatsmyip.org/ports/security/
Router 1, router 2, and the proxy server all forward requests properly to the server machine, 192.168.1.6.
Port scans with GNOME's network utility report them all open. The only place they're not open is from the FQDN and internet IP address.
Code:
#nano /etc/shorewall/policy
# Shorewall version 4 - Policy File
#
# For information about entries in this file, type "man shorewall-policy"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-policy.html
#
###############################################################################
#SOURCE   DEST   POLICY   LOG     LIMIT:   CONNLIMIT:
#                         LEVEL   BURST    MASK
$FW       net    ACCEPT
net       $FW    DROP     info
net       all    DROP     info
all       all    REJECT   info
Code:
21 Timeout ftp Port 21 is used for FTP Servers. The File Transfer Protocol is a fairly obsolete and insecure way to transfer files.
22 Timeout ssh Port 22 is used for SSH, a Remote Login Protocol for Unix based machines. If you do not use SSH and Port 22 is open, this is something to look into.
25 Timeout smtp Port 25 is used for Mail Servers. If you are not running a Mail Server this port should be closed.
53 Timeout DNS Port 53 is used for Domain Name Servers.
80 Timeout http Port 80 is the port Web Servers run on. If you are not running a Web Server and your port 80 is open, this is something to look into.
110 Timeout pop3 POP3 (aka POP) is the most common protocol for checking email on a mail server. Most ISP's use pop.
137 Timeout netbios These three ports are all used for Windows File Sharing over the internet. Most Internet Service Providers block these ports for security so generally you don't have to worry about them. You couldn't open them if you tried.
138 Timeout netbios
139 Timeout netbios
143 Timeout imap IMAP is one of the two most common protocols used to check email.
443 Timeout https Port 443 is for Web Servers running over SSL. This encrypts all the data so no one can listen in and steal data.
548 Timeout afp Port 548 is used for the Apple File Sharing protocol. It allows you to connect to your Macintosh over the internet.
587 Timeout smtp submission Port 587 is the preferred port for smtp submission (client to server submission). Most systems still use 25 for this. Often 587 is used as the SSL port.
993 Timeout imap ssl The IMAP mail protocol, used over SSL to encrypt the data transfer (and protect your password etc)
995 Timeout pop ssl The POP mail protocol, used over SSL to encrypt the data transfer (and protect your password etc)
1433 Timeout mssql Port 1433 is used by Microsoft's SQL Server. Unless you know you are running MSSQL (Not MySQL), its very important to block this port. It is very vulnerable.
1701 Timeout l2tp Layer-2 Tunneling Protocol. Used with IPSec to create a secure form of VPN.
1723 Timeout pptp Point-to-Point Tunneling Protocol. A different form of VPN. Its not as good as IPSec, and MS's PPTP server has MAJOR flaws.
3306 Timeout MySQL Port 3306 is used by MySQL. Not to be confused with Microsoft's SQL, MySQL is a free, open source, very powerful and very secure Database Server. This site is powered in part by MySQL.
5432 Timeout PgSQL PostgreSQL. An Open source SQL server, like MySQL, but different. Some people Love PgSQL, some Love MySQL.
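Added example (not from the post and not Shorewall's own code): a small Python model of how Shorewall evaluates the policy file above, where the first matching entry wins. It shows why the net -> $FW DROP line answers before the final all -> all line, so changing that last line never affects inbound traffic from the internet, and it maps each policy to what an external scanner reports, which is why every port shows a timeout. The policy text is copied from the post; the policy-to-scanner-result mapping is the example's own assumption about scanner behaviour.

```python
# Policy file as posted (constructed here from the post, header comment kept,
# so the example runs offline without a Shorewall install).
POLICY_FILE = """\
#SOURCE   DEST   POLICY   LOG
$FW       net    ACCEPT
net       $FW    DROP     info
net       all    DROP     info
all       all    REJECT   info
"""

# Assumed scanner view of each default policy: DROP silently discards the
# SYN, so the scanner waits and reports a timeout; REJECT answers with a
# refusal; ACCEPT lets the packet reach a listening service.
SYMPTOM = {"DROP": "timeout", "REJECT": "refused", "ACCEPT": "open"}


def parse_policy(text):
    """Parse policy lines into (source, dest, policy, log_level) tuples,
    skipping comments and blank lines."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        src, dst, policy = fields[0], fields[1], fields[2].upper()
        log_level = fields[3] if len(fields) > 3 else None
        entries.append((src, dst, policy, log_level))
    return entries


def lookup(entries, src, dst):
    """Return (policy, log_level) of the first entry matching the zone pair;
    'all' matches any zone. Returns None when no entry matches."""
    for esrc, edst, policy, log_level in entries:
        if esrc in (src, "all") and edst in (dst, "all"):
            return policy, log_level
    return None


def inbound_symptom(entries, fw_zone="$FW"):
    """What an internet-side scanner sees for connections to the firewall."""
    match = lookup(entries, "net", fw_zone)
    return SYMPTOM[match[0]] if match else "no policy"
```

Because the policy file only supplies the default, exposing a service on 192.168.1.6 to the net zone is done with an entry in /etc/shorewall/rules, which Shorewall consults before falling back to the policy, rather than by loosening the all -> all line.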