Re: [suse-security] Highport access
On Wed, Mar 06, 2002 at 11:30:07PM +0100, Andreas scholz wrote:
let me suggest to take a look at point Nr. 11 of firewall2.rc.config
-FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" or better
define a Port Range : "from:to" "1023:5999"
(but i don´t know exactly how this could effect on other services)
cu AS
Does this mean that one could do the following if one wanted to allow the use of ftp, disallow ports 6000,7741,8007 but allow most other high ports? Will this work? FW_ALLOW_INCOMING_HIGHPORTS_TCP="ftp-data 1024:5999 6001:7740 7742:8006 8008:65535" -- Paul Elliott 1(512)837-1096 pelliott@io.com PMB 181, 11900 Metric Blvd Suite J http://www.io.com/~pelliott/pme/ Austin TX 78758-3117
Am 07.03.2002 08:54:05, schrieb Paul Elliott
Does this mean that one could do the following if one wanted to allow the use of ftp, disallow ports 6000,7741,8007 but allow most other high ports?
ftp-data - ACK 6000 thinks its related to x-server but why 7741,8007. According to /etc/services there's nothing ? Michael Appeldorn
Michael Appeldorn said:
Am 07.03.2002 08:54:05, schrieb Paul Elliott
: Does this mean that one could do the following if one wanted to allow the use of ftp, disallow ports 6000,7741,8007 but allow most other high ports?
ftp-data - ACK
6000 thinks its related to x-server
but why 7741,8007. According to /etc/services there's nothing ?
Michael Appeldorn
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
just try netstat -al -- regards, Frederik Vos http://www.vosberg.be
Does this mean that one could do the following if one wanted to allow the use of ftp, disallow ports 6000,7741,8007 but allow most other high ports?
but why 7741,8007. According to /etc/services there's nothing ?
just try
netstat -al
And then - nothing udp related to see
participants (3)
-
Frederik Vos
-
Michael Appeldorn
-
Paul Elliott