Hi all, Thanks a lot for the mails. > 161 - snmp - are you managing this system from elsewhere, or is this > machine the snmp monitor ? UDP 161 only needs to be inbound if this > machine is being monitored from elsewhere Well, I don't know anyting about SNMP thing. But the guys at the server f= arm=20 suggested I make some changes as told by them in my snmpd.conf, so that t= hey=20 say I there will be able to monitor my machine. I guess so I am just a cl= ient=20 SNMP. So, which ports to keep open? > > Also, nmap shows that 2002/udp globe is open. Shall I close it? > machine already has the Slapper worm on it, since that opens UDP port 2= 002 well, my machine had a slapper worm. I removed the .bugtraq file from /tm= p.=20 Now still the port is open. This is very important to me. How do I close = the=20 port???? nmap report says, 2002/udp open globe How do I know where and what is globe? How do I shut it? > I would recommend setting your OUTPUT chain to ESTABLISHED,RELATED and = then do you mean similar to INPUT rule i.e using -m and all? > add any rules for traffic which is supposed to originate on your server > (such as DNS queries). Thanks a lot and eagerly waiting for the mails. Bye and thanks. -Payal
