[PLUG] iptables firewalling...

plug_0 at robinson-west.com
Sun Sep 3 00:21:22 UTC 2006


Is there any standard service that an Internet client should be able to
access between tcp/udp ports 1024 and 65535 on my server?  I'm thinking 
no, so I have this rule in my firewall:

iptables -A PREROUTING -t mangle -p tcp -i $global_interface \
         -d $out_address --dport 1024:65535 --syn -j DROP

I am not running a proxy server, web server, or ftp server on
this Internet connected machine.  This machine does run X, so I
don't want that to become a security problem.  NFS and RPC in
general bind to non root ports, but those aren't supposed to
be available from my server to anyone on the Net.  My rule
doesn't cover udp, but udp apparently doesn't have a
connection flag, so I don't know what to do there.

Another curiosity: why might someone, or a bot for that matter,
want to connect to a very low numbered tcp/udp port such as 2
or even port 0?

Michael Robinson
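Editor's added example, not part of the original post: the SYN-only rule above cannot apply to UDP, but netfilter's connection tracking can. A rule matching `-m conntrack --ctstate NEW` sees the first packet of any flow, the SYN for TCP and the first datagram for UDP, so one pattern drops unsolicited traffic to the unprivileged range for both protocols while replies to the server's own outbound connections still get back in. The script below generates that rule set in the filter table's INPUT chain (a host firewall's usual place, rather than the mangle PREROUTING chain used in the post); the interface name and address are constructed placeholders, and with DRY_RUN=1 (the default) it prints the commands instead of running them, so it can be inspected on any machine without root.

```shell
#!/bin/sh
# Added example (not from the original post). Stateful replacement for a
# SYN-only high-port rule, covering UDP as well as TCP.
# DRY_RUN=1 prints the iptables commands; DRY_RUN=0 executes them (needs root).

DRY_RUN="${DRY_RUN:-1}"

# Print or execute one command, depending on DRY_RUN.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Emit the INPUT rules for one external interface and its address.
# $1 = external interface (placeholder), $2 = the server's public address (placeholder).
high_port_rules() {
    iface="$1"
    addr="$2"

    # 1. Accept packets belonging to flows the server itself initiated.
    #    conntrack tracks UDP "connections" too, so DNS answers and the
    #    like are let back in even though UDP has no flags.
    run iptables -A INPUT -i "$iface" -d "$addr" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # 2. Drop every NEW flow aimed at the unprivileged port range.
    #    For TCP, NEW is the SYN; for UDP it is the first datagram of a
    #    flow, which is the test that --syn cannot express.
    for proto in tcp udp; do
        run iptables -A INPUT -i "$iface" -d "$addr" -p "$proto" \
            --dport 1024:65535 -m conntrack --ctstate NEW -j DROP
    done
}

# Number of rules the generator emits, so the rule set's shape can be checked.
rule_count() {
    high_port_rules "$1" "$2" | grep -c '^iptables'
}

# Example run with constructed values (documentation address 203.0.113.10).
high_port_rules eth0 203.0.113.10
```

Rule order matters: the ESTABLISHED,RELATED accept must come before the NEW drops, otherwise nothing the server asks for (DNS, NTP, package updates) gets an answer. Services the server deliberately exposes on high ports, if any, need an explicit ACCEPT inserted ahead of the DROP rules.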
