  1. #1
    Just Joined!
    Join Date
    Feb 2005
    Location
    Wellington, New Zealand
    Posts
    4

    What ports/services to allow?


    Hi everybody,

    I'm currently trying to set up a firewall using iptables. The only network connections I require are to dial up and browse the internet and maybe download using FTP, but I'm having trouble working out which ports I can and can't close. I've found numerous lists on the internet giving port numbers and the services that generally use them, but am not sure what services I need.

    I've pretty much worked out how to use iptables and putting all the commands in a script shouldn't be too much of a problem. I want to set the INPUT chain to have a policy of DROP, but this requires me to add rules that ACCEPT packets from specific ports and so far I've not been able to do this.

    What services and therefore ports are required for dialing up, browsing the internet and downloading with FTP?

    What on Earth do the "auth", "time" and "x11" services do?

    Thanks in advance for any help,

    Francis

  2. #2
    Linux Engineer
    Join Date
    Apr 2005
    Location
    Buenos Aires, Argentina
    Posts
    908
    You can turn off the "auth" and "time" services, you don't need them.

    Just leave on the ones that you know you need or are using. After all, they're just services and you can turn them on/off whenever you like.
    serzsite.com.ar
    "All the drugs in this world won't save you from yourself"

  3. #3
    Just Joined!
    Join Date
    Feb 2005
    Location
    Wellington, New Zealand
    Posts
    4
    Yeah, I can't see them doing anything when I netstat them. You wouldn't happen to know what they do, would you?

    Thanks for the reply

  4. #4
    Linux Engineer
    Join Date
    Apr 2005
    Location
    Buenos Aires, Argentina
    Posts
    908
    auth - identd - This is a server that returns user information to a remote host that a user is requesting a service from. If it is running on your system, it allows the remote host to acquire your user name. It is not used for login and user authentication. It is described in RFC 1413. The daemon called identd provides this service, and its configuration file is /etc/identd.conf. For client side use of auth, you should be able to turn on user authentication on servers such as your telnetd server with the "-a user" option. See the telnetd man page for more information.

    Trivial internal services used for testing

    1. echo
    2. discard
    3. chargen - Character generator
    4. daytime - Human readable time
    5. time - Number of seconds since midnight on Jan 1 1900.
    http://www.comptechdoc.org/os/linux/..._hlnetsvc.html
    serzsite.com.ar
    "All the drugs in this world won't save you from yourself"
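
An added example, not part of any post in this thread: a minimal ruleset for the setup the question describes (INPUT policy DROP on a dial-up machine that only browses and downloads). Such a machine only originates connections, so no inbound port needs an ACCEPT rule; connection tracking lets the replies back in. The interface name `ppp0` and the function names are assumptions.

```shell
#!/bin/sh
# Constructed example: client-only firewall for a dial-up host.
# WAN_IF is an assumption; pppd normally names the first link ppp0.
WAN_IF="${WAN_IF:-ppp0}"

# Print the ruleset in iptables-restore format so it can be reviewed
# before it is loaded.
gen_rules() {
    cat <<EOF
*filter
# Default-deny inbound and forwarded traffic, allow everything outbound.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Local programs talk to each other over loopback.
-A INPUT -i lo -j ACCEPT
# Replies to connections this host opened (DNS, HTTP, passive FTP).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# auth/ident (tcp 113): refuse quickly instead of dropping, so remote
# servers that query ident do not wait for a timeout.
-A INPUT -i $WAN_IF -p tcp --dport 113 -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

# Count rules that ACCEPT new inbound traffic to a specific port.
# For a client-only machine this should be zero.
count_inbound_accepts() {
    gen_rules | grep -c -- '--dport .* -j ACCEPT' || true
}

# Load the rules only when asked to; requires root.
if [ "${1:-}" = "apply" ]; then
    gen_rules | iptables-restore
fi
```

Active-mode FTP additionally needs the kernel's FTP connection-tracking helper so the server's data connection is classed as RELATED; passive mode works with the rules as shown.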
