Saturday, October 27, 2007

Re: Port 80 Open

On 2007-10-27 Telly Williams wrote:
> Maybe I'm not understanding something here. I ran a check on my ports
> to see what's wrong with it. Only port 80 comes up as open, and,
> apparently, is a security violation.

How did you check? nmap? From the inside? From the outside? What were
the actual results? What does netstat show?

> That's chaffing me, because from what I understand, without port i80
> open I'm not able to get on the WWW, so even if you ARE NOT running a
> web server, it still needs to be "open".

Ummm... no? A port needs to be open only if you want to accept incoming
connection attemps (i.e. if you want to run a server). You don't need
any port open if you just want to browse the web.

[...]
> Also, I'm running in stealth (not allowing icmp echo replies or
> requests).

*facepalm*

"Stealth" is braindead marketing babble invented by people who failed to
understand TCP/IP for people who failed to understand TCP/IP.

> Some of my ports (i.e., 25 and 443) are coming up as closed. Why are
> these ports showing up as closed at all?

Probably because your ruleset says so. How 'bout letting us take an
actual look at it? Besides, it doesn't matter at all if they show up, as
long as they're closed.

Regards
Ansgar Wiechers
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html


--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

No comments:

Post a Comment