--- John Andersen
--- Andy Coleman
wrote: Hello all,
I'm admittedly not a linux security guru so maybe I'm missing something but when I run YAST to configure the firewall in SuSE 9.3 I really don't understand at all.
I have a single interface designated as the external zone. When I go to the "Allowed services for selected zone option"
are a bunch of services listed in the box:
HTTP Server HTTPS Server IMAP Server IMAPS Server IPP Server LDAP Server LDAPS Server Mail Server POP3 Server POP3S Server Remote Administration Remote Synchronization SSH
I don't want any of these services accessible on
external interface but if I highlight any of these and click remove they don't go away.
In the end I want to make this machine the DMZ but I won't do that if these things are exposed. How do I disable these
On Wednesday 13 July 2005 05:47 pm, Nick Jones wrote: there the ports?
As long as those boxes are unchecked when you click next, the ports are closed. That's how it works on 9.2 and SLES9 so I'd assume 9.3 is the same.
Also how do I enable a series of ports? In the same allowed services screen there is an advanced button and if I click on that button and try to allow the port range 6881:6999 and hit ok, the message I get is:
Unknown Port Name Port name '3881:6999' is unknown in your current system. It probably would not work at all. Really use this port?
Sounds like SUSE is complaining that it doesn't recognize these ports as doing anything useful. However, it still opens them up for you.
How does one designate a range of ports?
Thanks,
Andy
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Yes he did, but what was YOUR contribution...?
Boy, I'm 2 for 2 lately. Seems I need a lesson in using my mail client! Sorry for the blank post to all. -Nick __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com