iB::Topic::open ports

	Damn Small Linux :: Damn Small Linux Board The DSL Forums

» Welcome Guest
[ Log In :: Register ]

Damn Small Linux Board » Damn Small Linux » Networking » open ports

		Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
		Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic

Pages: (5) </ 1 [2] 3 4 5 >/

[ Track this topic :: Email this topic :: Print this topic ]

Topic: open ports, portscan showed several ports open Web

< Next Oldest | Next Newest >

vees

Group: Members
Posts: 81
Joined: Nov. 2005

Posted: Dec. 26 2005,15:24

also - if you have any doubts at all, you can download the myDSL extension iptables and then run the following script:

#!/bin/sh
iptables -F
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --syn -j DROP

Save this script in a file called foo, then just chmod +x foo in the directory you placed it in, then "sudo ./foo" from there. You will have a very effective firewall running. Want to shut it down? Just to "sudo iptables -F".

Easy, fast, simple, effective.

But as they said - DSL is very safe out from the box, accepts no connections, has no listening ports, etc...

Good luck!

--------------
Motto: chown -R linux:GNU world

doobit

Group: Members
Posts: 912
Joined: July 2005

Posted: Dec. 26 2005,20:13

I've been playing around with firestarter, but not on DSL because it doesn't need it. Still, firestarter is Debian packaged so you can apt-get it with a hard drive install of DSL, or you can compile it from the source code. It's a pretty cool firewall to use if you are going to use samba, or some other sharing utility.

--------------
"Help stop internet piracy...use Linux!"

vees

Group: Members
Posts: 81
Joined: Nov. 2005

Posted: Dec. 26 2005,23:05

agreed. firestarter is top notch for a basic firewall. Simply, fast, effective. One of its best features is that you can see "live" every hit your comuter get, you also resolve the ip of any offender. And it is far more flexible that the little script I gave above. Also, to make firestarter workl you will have to install iptables anyway.

--------------
Motto: chown -R linux:GNU world

gray

Group: Members
Posts: 10
Joined: Dec. 2005

Posted: Dec. 27 2005,18:18

thanks for the advice

I'm busy running 2.1 RC2 at the moment and have asked for a port scan on that. I'm actually wondering if the issue might not be with Zonealarm some how - my buddy is running XP.

The prob I have is that when he did a scan of my system when I was in XP (gotta have the games...), and I use Zonealarm too there, he found no ports open at all - stealthed in fact, and I even went as far as to delete my Linux partitions and install SUSE 9.3, which has a firewall, and he found no ports open there, also stealthed.

But previously with me running DSL 2.0 (granted I didn't know about the nodhcp command which would close port 68) he found ports open, hence my original query.

I might have suspected his own system if it were not for the fact that when he scanned 2 totally different systems of mine (XP and SUSE 9.3) he found nothing open. Anyhow, all this isn't really an issue as I will be huddled behind a router shortly, but I thought that what I thought was a problem should be brought to light.

Best wishes - Gray

gray

Group: Members
Posts: 10
Joined: Dec. 2005

Posted: Dec. 27 2005,18:38

OK the portscan has been done. Ports to be considered are:

port 554 which is for Real Time Stream Control Protocol
and 1755 which is Streaming ASF with TCP In/Out designated for Windows Media

totally weird !!! - at least port 68 is closed, so I learnt something there...

I have to admit I'm confused, but have submitted the above in the hope that it might be useful anyway. best wishes - Gray

24 replies since Dec. 25 2005,09:14

< Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (5) </ 1 [2] 3 4 5 >/

Damn Small Linux Board » Damn Small Linux » Networking » open ports