Mailinglist Archive: opensuse-security (487 mails)
| < Previous | Next > |
Re: [suse-security] port 80 closed, Firewall up and still accepted??
- From: Piet Roorda <prooroa@xxxxxxxxxx>
- Date: Wed, 23 Oct 2002 23:06:58 +0200
- Message-id: <200210232306.58213.prooroa@xxxxxxxxxx>
On Wednesday 23 October 2002 22:01, Andreas J Mueller wrote:
thnks for responding..
no the entry of FW_SERVICES_EXT_TCP="" ... empty
I start Apache thru webmin on occasion
regards, piet
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Piet!
>
> > /var/log/warn came up with: my firewall2 is up, Apache not
> > running.... why is it accepted??
>
> Iptables accepts the connection request, probably because you have set
> FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
>
> The request will be rejected by the kernel, however, if no service is
> listening to TCP port 80. If you scan your system, the port should be
> reported as closed.
>
> Regards, Andy
>
> - --
> Andreas J. Mueller email: <andy@xxxxxxxxxx>
> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (MingW32)
>
> iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y
> eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG
> VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic
> Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1
> =XPEk
> -----END PGP SIGNATURE-----
On Wednesday 23 October 2002 22:01, Andreas J Mueller wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Piet!
>
> > /var/log/warn came up with: my firewall2 is up, Apache not
> > running.... why is it accepted??
>
> Iptables accepts the connection request, probably because you have set
> FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
>
> The request will be rejected by the kernel, however, if no service is
> listening to TCP port 80. If you scan your system, the port should be
> reported as closed.
>
> Regards, Andy
>
> - --
> Andreas J. Mueller email: <andy@xxxxxxxxxx>
> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (MingW32)
>
> iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y
> eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG
> VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic
> Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1
> =XPEk
> -----END PGP SIGNATURE-----
thnks for responding..
no the entry of FW_SERVICES_EXT_TCP="" ... empty
I start Apache thru webmin on occasion
regards, piet
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Piet!
>
> > /var/log/warn came up with: my firewall2 is up, Apache not
> > running.... why is it accepted??
>
> Iptables accepts the connection request, probably because you have set
> FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
>
> The request will be rejected by the kernel, however, if no service is
> listening to TCP port 80. If you scan your system, the port should be
> reported as closed.
>
> Regards, Andy
>
> - --
> Andreas J. Mueller email: <andy@xxxxxxxxxx>
> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (MingW32)
>
> iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y
> eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG
> VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic
> Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1
> =XPEk
> -----END PGP SIGNATURE-----
On Wednesday 23 October 2002 22:01, Andreas J Mueller wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Piet!
>
> > /var/log/warn came up with: my firewall2 is up, Apache not
> > running.... why is it accepted??
>
> Iptables accepts the connection request, probably because you have set
> FW_SERVICES_EXT_TCP="http", whether or not Apache is actually running.
>
> The request will be rejected by the kernel, however, if no service is
> listening to TCP port 80. If you scan your system, the port should be
> reported as closed.
>
> Regards, Andy
>
> - --
> Andreas J. Mueller email: <andy@xxxxxxxxxx>
> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (MingW32)
>
> iQC9AwUBPbcAPfobN5o9QdlBAQHWPgVAms4XojTwU25iVynfzmzrMGcfxOMnUf5y
> eMPUNDGlqE/2rU+6BatI20TVpiQPDaOXqEs4bw1ke+dkct0FhOEqKPmBVQvmB8aG
> VzOSzmfIlJbtiz02RSswcFQsvJpj4xyhgM+uH54JZDoLxUs6Yv44mkej7v4v6cic
> Xfxe6mxTeh9Hbdz2LBahIloZLzZblYlBqK4Rjn1G6SFS28qnPBou5rMv+Cr8PoL1
> =XPEk
> -----END PGP SIGNATURE-----
| < Previous | Next > |