If this is not a laptop (which moves around) or a box in your DMZ, remove the ports you aren't using but don't harden it too much. Get a Sonicwall (or equivalent - I tend to think the Sonicwalls are better but some people hate Checkpoint...) and put your home net behind that. I found a guy on eBay who sells the old Webramp (a Sonicwall clone - an *old* clone of the *original* SOHO hardware - but perfectly adequate at DSL speeds and probably good for a T1) with unlimited (network) licenses for $70. I think this is an awesome bargain. It doesn't run the latest OS version but he supplies the latest version the hardware will support. I don't think there are going to be any more upgrades so it should be safe enough. This is one place I think some specialized hardware is a good idea. Other nice features: syslogging custom rules handles dynamic IP assignments from your ISP nice simple DHCP NATs your internal network Hattie Rouge > -----Original Message----- > From: psyche-list-admin@xxxxxxxxxx > [mailto:psyche-list-admin@xxxxxxxxxx] On Behalf Of > Ed.Greshko@xxxxxxxxxxx > Sent: Tuesday, April 22, 2003 1:20 AM > To: Red Hat 8.0 > Subject: Re: turning off unused ports > > > On Tue, 22 Apr 2003, Daniel Tan wrote: > > > i am using xnmap to check for open ports that i am not > using. i have > > dns,nis,smtp,imap and pop running.... how do i turn off the unused > > ports without knowing what service to deactivate? > > MY "best" way to do that is with a firewall based on iptables. > > To set it up I like to use shorewall. See the shorewall link below. > > Regards, > Ed > > > -- > http://webcams.greshko.com/ Do you know this man, Peter > Boeni? http://www.shorewall.net/ for all your firewall needs > > > > -- > Psyche-list mailing list > Psyche-list@xxxxxxxxxx > https://listman.redhat.com/mailman/listinfo/ps> yche-list > -- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/psyche-list
