Date: Fri, 29 Dec 2000 13:41:03 -0800 (PST)
From: Greg Thomas
> Hi
> I've just finished setting up a Linux box to act as an internet gateway & firewall, though I'm not sure whether it's secure. I have currently blocked all incoming CONNECTIONS from ports 0 to 1023 except for 20, 21 and 80 (as the machine is also being used for a web & ftp server). I know that this range of ports is used by services run as root, so should this be enough? I was considering blocking connections from 0 to 65535 but this would mean 'real' ftp wouldn't work for me and I'd have problems running Half-Life multiplayer games - oh no!!!
All the firewalls in the world aren't going to help you if you can ftp with a user account. Are you only allowing Anonymous ftp connections? Also, if you're not going to block incoming ports over 1023 then you should scan yourself often to see if you somehow have been trojaned and are running services on a port over 1023.

BTW, can you set your lines to wrap around 72 characters?

Greg
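The self-check suggested in the reply above can be automated locally. This is an added example, not part of the original thread: it reads the Linux `/proc/net/tcp` table and reports listening ports above 1023 that are not on an expected list. The function names, the sample table and the expected-port set are assumptions made for illustration.

```python
import os
import socket

LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (trailing columns trimmed).
# Ports in hex: 0015=21, 0050=80, 3039=12345, 1F90=8080, 8002=32770.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue
   0: 00000000:0015 00000000:0000 0A 00000000:00000000
   1: 00000000:0050 00000000:0000 0A 00000000:00000000
   2: 00000000:3039 00000000:0000 0A 00000000:00000000
   3: 0100007F:1F90 00000000:0000 0A 00000000:00000000
   4: 0100A8C0:8002 0200A8C0:0050 01 00000000:00000000
"""


def listeners(table):
    """Return sorted (ip, port) pairs for IPv4 TCP sockets in LISTEN state."""
    found = set()
    for line in table.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 4 or fields[3] != LISTEN:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # Assumption: little-endian host, so the address bytes are reversed.
        ip = socket.inet_ntoa(bytes.fromhex(addr_hex)[::-1])
        found.add((ip, int(port_hex, 16)))
    return sorted(found)


def unexpected_high_ports(table, expected=frozenset()):
    """Listening ports above 1023 that are not in the expected set."""
    return [(ip, port) for ip, port in listeners(table)
            if port > 1023 and port not in expected]


if __name__ == "__main__":
    path = "/proc/net/tcp"  # IPv4 TCP only; tcp6 and udp are separate files
    if os.path.exists(path):
        with open(path) as fh:
            table = fh.read()
    else:
        table = SAMPLE
    for ip, port in unexpected_high_ports(table, expected={8080}):
        print(f"unexpected listener on {ip}:{port}")
```

A compromised host can hide sockets from its own `/proc`, so a local check like this complements a port scan run from another machine rather than replacing it.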