On Wednesday 08 October 2003 03:11 pm, Staven Bruce wrote:
> I have a RedHat 8.0 box running Apache and Mailman. I am trying to make
> sure it is locked down. When I run a port scan with nmap, I find the
> following TCP ports open:
>
> 25 -- Mail
> 80 -- WWW
> 111 -- SUN RPC
> 443 -- SSL
> 515 -- spooler
> 6000 -- X Windows
> 32768 -- Filenet
>
> Now, I know I need 80 and 25 open, but can't I just close the rest? How do
> I close a specific port within the RedHat OS?
>
> One last question, the port scan also returns 81 UDP ports as open or not
> answering, should I close these as well?

Most of the ports that are open besides Mail, www, and SSL (are you running https?) are for local communication (or something like that).

I find the easiest way to make sure you close all your ports from external is to use a firewall. Before I set up a firewall, the nmap result of my system was similar to yours, although I only explicitly need mail and http.

I suggest you check out Shorewall:
http://www.shorewall.net/
It's easy and quick to set up. You'll be happy with it. Then all you need to do is explicitly open ports for only the things that you need (e.g. 25 and 80).

RDB
-- 
Reuben D. Budiardja
Department of Physics and Astronomy
The University of Tennessee, Knoxville, TN
---------------------------------------------------------
"To be a nemesis, you have to actively try to destroy
something, don't you? Really, I'm not out to destroy
Microsoft. That will just be a completely unintentional
side effect."
- Linus Torvalds -
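
An added example, not part of the original thread: a small Python check that compares the port table of an nmap scan against the allowlist discussed above (25 and 80), so the scan can be repeated after the firewall is in place. The sample scan output is constructed, and the script assumes nmap's normal output format, in which current releases report unanswered UDP probes as open|filtered.

```python
import re

# Ports the original poster says must stay reachable: SMTP and HTTP.
ALLOWED = {(25, "tcp"), (80, "tcp")}
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)")

def parse_nmap(text):
    """Map (port, proto) -> state from the port table of nmap's normal output."""
    states = {}
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            states[(int(m.group(1)), m.group(2))] = m.group(3)
    return states

def audit(text, allowed=ALLOWED):
    """Compare a scan against the allowlist."""
    states = parse_nmap(text)
    report = {"exposed": [], "inconclusive": [], "missing": []}
    for key in sorted(states):
        if key in allowed:
            continue
        if states[key] == "open":
            report["exposed"].append(key)        # reachable but not wanted
        elif states[key] == "open|filtered":
            report["inconclusive"].append(key)   # no reply: nmap cannot tell
    # An allowlisted service that is no longer open means the rules are too tight.
    report["missing"] = [k for k in sorted(allowed) if states.get(k) != "open"]
    return report

# Constructed sample output (not from the post): before and after a firewall.
BEFORE = """\
PORT      STATE         SERVICE
25/tcp    open          smtp
80/tcp    open          http
111/tcp   open          rpcbind
443/tcp   open          https
515/tcp   open          printer
6000/tcp  open          X11
32768/tcp open          filenet-tms
111/udp   open|filtered rpcbind
"""
AFTER = """\
PORT      STATE    SERVICE
25/tcp    open     smtp
80/tcp    open     http
443/tcp   filtered https
"""

if __name__ == "__main__":
    print("before:", audit(BEFORE))
    print("after: ", audit(AFTER))
```

An empty "exposed" list together with an empty "missing" list means only the intended services answer from outside; entries under "inconclusive" need a check on the host itself to see whether anything is listening.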