> ports to see what's wrong with it. Only port 80 comes up as
> open, and, apparently, is a security violation.
why?
> That's chaffing me, because from what I understand, without port
> i80 open I'm not able to get on the WWW, so even if you ARE NOT
> running a web server, it still needs to be "open".
not at all.
> chain checking the tcp packets for syn and state
you want NEW, syn if you want to serve up something on port 80 else ...
> ESTABLISHED,RELATED, the packets being dropped if they don't
... you want just these.
> Also, I'm running in stealth (not allowing icmp echo replies or
eh, not quite stealth
> requests). Some of my ports (i.e., 25 and 443) are coming up as
> closed. Why are these ports showing up as closed at all?
why should they be open? are you providing SMTP and HTTPS to the outside?
perhaps providing a bit more info would help (eg iptables-save, interfaces)
--
paolo
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment