Saturday, October 27, 2007

Port 80 Open

Hi,

Maybe I'm not understanding something here. I ran a check on my
ports to see what's wrong with it. Only port 80 comes up as
open, and, apparently, is a security violation.

That's chaffing me, because from what I understand, without port
i80 open I'm not able to get on the WWW, so even if you ARE NOT
running a web server, it still needs to be "open".

Anything that comes into port 80 on my host automatically hits a
chain checking the tcp packets for syn and state
ESTABLISHED,RELATED, the packets being dropped if they don't
have those. How can this still be a security violation?

Also, I'm running in stealth (not allowing icmp echo replies or
requests). Some of my ports (i.e., 25 and 443) are coming up as
closed. Why are these ports showing up as closed at all?

--
Telly Williams
"Knowledge Is Power"


--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

No comments:

Post a Comment