Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
RE: [suse-security] a simple question
  • From: "Evert Smit" <admin@xxxxxxxxx>
  • Date: Tue, 22 Jan 2002 11:11:07 +0100
  • Message-id: <NEBBJLPNDGJFKFMFLOPJEEOJCOAA.admin@xxxxxxxxx>
it really depends on what you want the world to see.
here's some questions for you
- do i want to provide http to the outside world , if yes, port 80 should be
allowed and maybe 443 for https
- do i need my server to provide DNS services, if yes port 53
- do i need mail to be send to that server, if yes port 25
- do i need ssh access from external, if yes 22
- do i need ftp or other services accessible from external, see respective
ports

the bottom line is, you can follow the european way, i.e only allow what is
neccesarry, or follow the us approach, allow everything and deny certain
items.

so from dmz to external you should allow at least
http
smtp
dns

from external to dmz
only allow httpd

than add whatever protocolls you really need. remember, security is always
the hassle between personal freedom and a better feeling when going to bed
at nite.

regards
Evert

-----Original Message-----
From: Omppu [mailto:Omppu@xxxxxxxxxxxx]
Sent: Tuesday, January 22, 2002 11:05 AM
To: suse-security@xxxxxxxx
Subject: [suse-security] a simple question



now with the basic installation of susefirewall2
no server from the dmz can access the world.

what parameter can should i add and where to if i want the servers on the
dmz to access
for example ports 22, 25, 80, 5800

hoping for a reply this time,

regards
O.


--
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx



< Previous Next >
This Thread
References