Open ports on FC2
Kostas Sfakiotakis
kostassf at cha.forthnet.gr
Sun Jul 25 20:33:57 UTC 2004
Greetings netmask ,
netmask wrote:
>
> You can follow the others advice for iptables stuff.. or shutting down
> services.. in addition, you could block ICMP via iptables..
>
> but I prefer to disable it via proc
>
> echo "1" >/proc/sys/net/ipv4/icmp_echo_ignore_all
>
> However.. ICMP serves a purpose.. if you are running a server, it isn't
> recommended that you disable it.
And if you are running a client you might need it . I recall about 3
years ago ( might be more ) when i accessed IRC , Ping was used to
verify that your connection to the server was still on , in which case
if you denied the ping then you would get disconnected . Just an example
that came in mind where pings are usefull .
>
> You can find all open ports, and what applications are using them via:
> lsof -i -n
Thanks very much for a command
By the way isn't FC2 supposed to have telnet disabled by default
( I have FC 1 ), for the very reason that Alexander Dalloz suggested
the use of ssh ?
A final note for Alexander Dalloz , could you please provide me the
title of the thread that was discussing the issues between DROP and
REJECT that you mentioned on your posting of 24/07/2004 11:30 PM
( Am on GMT+2 so there might be a variation on the original time
you sent it , but 11:30 PM is the time that Mozilla gives )
And if it's not a real pain could you please explain a bit more that
"security by obscurity" you said in regard to blocking the icmp echo
request ?
Kind Regards,
Kostas
More information about the fedora-list
mailing list