default iptables rules
NoOp
glgxg at sbcglobal.net
Sun Sep 16 02:29:56 UTC 2007
On 09/15/2007 05:02 PM, Jimmy Wu wrote:
> On 9/14/07, John L Fjellstad <john-ubuntu at fjellstad.org> wrote:
>>
>> Peter Garrett <peter.garrett at optusnet.com.au> writes:
>>
>> > I have found the simplest way to set up iptables is to start with a
>> > default "DROP" policy for INPUT
>>
>> One thing to note is that if you are ssh into a box, it might not be a
>> good idea to add this policy first (God knows I've done that a couple of
>> times :-) ).
>>
>> --
>> John L. Fjellstad
>> web: http://www.fjellstad.org/ Quis custodiet ipsos custodes
>>
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>
> Thanks all for the responses, especially Peter for your script.
> Just a few more questions: I don't have any servers running that I know of,
> but I do have samba installed - does that open any ports I should worry
> about?
> Also, how do I find out what ports are open?
> I tried a netstat -l and got a lot of output (which I've attached to the
> end)
>
sudo apt-get install nmap
sudo nmap -sV localhost
With samba running these ports will be open:
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: nameofyourworkgroup)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: nameofyourworkgroup)
You can replace localhost with an IP or domain name.
More information about the ubuntu-users
mailing list