Networking :: open ports
Also, if you have any doubts at all, you can download the myDSL extension iptables and then run the following script:
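#!/bin/sh
# Flush all existing rules
iptables -F
# Accept everything that comes from the local machine (loopback)
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
# Drop every incoming TCP connection request (SYN)
iptables -A INPUT -p tcp --syn -j DROP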
Save this script in a file called foo, then just chmod +x foo in the directory you placed it in, then "sudo ./foo" from there. You will have a very effective firewall running. Want to shut it down? Just do "sudo iptables -F".
Easy, fast, simple, effective.
But as they said - DSL is very safe out of the box, accepts no connections, has no listening ports, etc...
Good luck!
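Added example, not part of the original post: a remote scan can be cross-checked from the machine itself by listing which TCP sockets are in LISTEN state and which address they are bound to. It assumes Linux's /proc/net/tcp (IPv4 only) on a little-endian CPU such as x86; the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list TCP sockets in LISTEN state.
# Assumes Linux /proc/net/tcp (IPv4 only) on a little-endian CPU such as x86.

# Constructed sample in /proc/net/tcp layout, so the example runs anywhere.
sample_proc_net_tcp() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0F02000A:C350 0100A8C0:0050 01 00000000:00000000 00:00000000 00000000  1000        0 1003
EOF
}

# listening_ports [FILE]: print "ip:port scope" for each listening socket.
# FILE defaults to /proc/net/tcp; "-" reads standard input.
listening_ports() {
    awk '
    function hex(s,   i, n) {       # portable hex to decimal, no gawk needed
        s = toupper(s); n = 0
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789ABCDEF", substr(s, i, 1)) - 1
        return n
    }
    NR > 1 && $4 == "0A" {          # st 0A = LISTEN, 01 = ESTABLISHED
        split($2, a, ":")
        # The four address bytes appear reversed on little-endian hosts.
        ip = hex(substr(a[1], 7, 2)) "." hex(substr(a[1], 5, 2)) "." \
             hex(substr(a[1], 3, 2)) "." hex(substr(a[1], 1, 2))
        scope = "one-interface"
        if (ip == "0.0.0.0") scope = "all-interfaces"
        else if (ip ~ /^127\./) scope = "loopback-only"
        print ip ":" hex(a[2]) " " scope
    }' "${1:-/proc/net/tcp}"
}

# Demo on the constructed sample; call listening_ports alone for the live table.
sample_proc_net_tcp | listening_ports -
```

Sockets reported as loopback-only cannot be reached from another machine; the ones bound to all interfaces are what the --syn DROP rule in the script above shields.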
I've been playing around with firestarter, but not on DSL because it doesn't need it. Still, firestarter is Debian packaged so you can apt-get it with a hard drive install of DSL, or you can compile it from the source code. It's a pretty cool firewall to use if you are going to use samba, or some other sharing utility.
Agreed. firestarter is top notch for a basic firewall. Simple, fast, effective. One of its best features is that you can see "live" every hit your computer gets; you also resolve the IP of any offender. And it is far more flexible than the little script I gave above. Also, to make firestarter work you will have to install iptables anyway.
thanks for the advice
I'm busy running 2.1 RC2 at the moment and have asked for a port scan on that. I'm actually wondering if the issue might not be with Zonealarm somehow - my buddy is running XP.
The prob I have is that when he did a scan of my system when I was in XP (gotta have the games...), and I use Zonealarm too there, he found no ports open at all - stealthed in fact, and I even went as far as to delete my Linux partitions and install SUSE 9.3, which has a firewall, and he found no ports open there, also stealthed.
But previously with me running DSL 2.0 (granted I didn't know about the nodhcp command which would close port 68) he found ports open, hence my original query.
I might have suspected his own system if it were not for the fact that when he scanned 2 totally different systems of mine (XP and SUSE 9.3) he found nothing open. Anyhow, all this isn't really an issue as I will be huddled behind a router shortly, but I thought that what I thought was a problem should be brought to light.
Best wishes - Gray
OK the portscan has been done. Ports to be considered are:
port 554 which is for Real Time Stream Control Protocol
and 1755 which is Streaming ASF with TCP In/Out designated for Windows Media
totally weird !!! - at least port 68 is closed, so I learnt something there...
I have to admit I'm confused, but have submitted the above in the hope that it might be useful anyway. best wishes - Gray