Find the answer to your Linux question:
Results 1 to 2 of 2
hi i got a question for ports, though i haven't quite installed linux yet because my optical drive is being in inefficacious piece of slag anyway, as i used windows ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    J--
    J-- is offline
    Just Joined!
    Join Date
    Jul 2007
    Posts
    6

    port blocking


    hi i got a question for ports, though i haven't quite installed linux yet because my optical drive is being in inefficacious piece of slag

    anyway, as i used windows i liked to port scan myself (using cports) to determine how many ports were open, and if one was open that i didn't want, i'd close it to keep out the hackers. Windows had a nasty habit of always keeping 4 groups open, one for its updates, one for the telephony or fax or whatever... and i'd always snap em shut

    my question is, if i keep ALL my ports closed while im not at the computer, is that enough to keep out hackers? or is there a way they could circumvent their way in with just an ip address?

    (btw my ultimate way of keeping my computer safe is that i just dont keep sensitive info on it)

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    Quote Originally Posted by J--
    my question is, if i keep ALL my ports closed while im not at the computer, is that enough to keep out hackers? or is there a way they could circumvent their way in with just an ip address?
    With or without a host-level firewall, if you have no daemons listening on tcp/udp ports (on external interfaces) then you have already made yourself somewhat of a hardened target. (Use netstat -atun to see what is listening and where; as root, add the -p option for the daemon name.)

    That said, if some vulnerability is discovered in the tcp/ip stack on the Linux box you're using (rare, but always possible), there's a chance something nasty could happen. e.g.: An icmp smurf attack, where your box is used against your will to hammer someone else.

    I'd also add that the greatest chance of you suffering some sort of compromise will come from your userland applications - i.e. your web browser and multimedia apps. Get on your distro's security mailing list, and keep up with security fixes. That's important.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •