Mailinglist Archive: opensuse (1784 mails)
|< Previous||Next >|
RE: [SLE] Is my firewall safe?
- From: andrew@xxxxxxxxxxxxxxxxxxxx (Andrew Smith)
- Date: Fri, 29 Dec 2000 23:30:36 -0000
- Message-id: <01C071EF.598B55C0@xxxxxxxxxxxxxxx>
From: Andrew Smith <andrew@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 29 Dec 2000 23:30:36 -0000
Subject: RE: [SLE] Is my firewall safe?
FTP can accept both anonomous and user connections...
what are the risks in allowing user connections?
Trojans were my main worry with the higher ports... I can
easily find out what ports halflife use, but what ports does
'real' ftp use? I know 20 and 21 are used, although when I
tried to downoad via ftp at one point, I saw a very high port
being used (over 60000). Am I right in assuming that this
port will change all the time? If so, is there a specific
range that the port may be?
Sorry about the non-wrapping... I'm using... dare I say it...
Outlook at the moment (sorry for the obscene language) :o)
Hopefully I've hit [Enter] in the right sorta spot to make it
a bit easier for you to read! :o)
Thanks for your help (and thanks to Jerry Kreps for the
From: Greg Thomas [SMTP:ethant@xxxxxxxxxxxxxx]
Sent: 29 December 2000 21:41
To: Andrew Smith
Cc: SuSE Linux Mailing List (E-mail)
Subject: Re: [SLE] Is my firewall safe?
On Fri, 29 Dec 2000, Andrew Smith wrote:
> I've just finished setting up a linux box to act as an internet gateway &
firewall, tho i'm not sure whether it's secure. I have currently blocked all incomming CONNECTIONS from ports 0 to 1023 except for 20, 21 and 80 (as the machine is also being used for a web & ftp server). I know that this range of ports are used by services run as root, so should this be enough? I was considering blocking connections from 0 to 65535 but this would mean 'real' ftp wouldnt work for me and i'd have problems running Halflife multiplayer games - oh no!!!
All the firewalls in the world aren't going to help you if you can ftp
with a user account. Are you only allowing Anonymous ftp connections?
Also, if you're not going to block incoming ports over 1023 then you
should scan yourself often to see if you somehow have been trojaned and
running services on a port over 1023.
BTW, can you set your lines to wrap around 72 characters?
|< Previous||Next >|