I have a question for the security gurus out there about setting up
security measures (using Ipchains or other methods) to close ports
against eventual break ins.
I am using a Linux RH 7.2 with two network cards - eth0 connects to
the internal network (192.162.0.) and the eth1 is connected via pppoe
to the Internet using ADSL. (so the IP address changes every time you
restart pppoe).
I am using the Linux server as internal pop server, smtp server
(using qmail) , samba server and ssh server.
When I run nmap -v in each interface, I get that the POP3 (110), smtp
(25), ssh(22), smb, sunrpc(111) are open in both interfaces.
How do I do it to close the ports POP3 and samba only for the external
interface (eth1 or ppp0 ?) or to deny incoming connections from the
internet?
Should I close the smtp port for the external interface too?
What do you need the sunrpc (111) port open for?
Do you know of a good tutorial to understand ipchain rules better?
RH 7.2 sets some rules to secure your server but I don't know if they
are good enough.
Thanks ,
Juan Vergara
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:40:59 EDT