default iptables rules

NoOp glgxg at
Sun Sep 16 21:52:34 UTC 2007

On 09/16/2007 02:06 PM, Jimmy Wu wrote:

>> > Also, how do I find out what ports are open?
>> > I tried a netstat -l and got a lot of output (which I've attached to the
>> > end)
>> >
>> sudo apt-get install nmap
>> sudo nmap -sV localhost
>> With samba running these ports will be open:
>> 139/tcp   open  netbios-ssn Samba smbd 3.X (workgroup: nameofyourworkgroup)
>> 445/tcp   open  netbios-ssn Samba smbd 3.X (workgroup: nameofyourworkgroup)
>> You can replace localhost with an IP or domain name.
> Much thanks.  The obvious next question is how to control which ports are
> listening or closed.  Also, I've heard of port stealthing on certain
> firewall software -- does anyone know what that is?

sudo apt-get install firestarter

Firestarter is a GUI frontend for iptables with many added features, see:

You can also modify your iptables w/scripts & from the command line

However, Ubuntu comes with nearly all ports closed. So any ports opened
afterwards are from your installation of the programs that use them. To
close the ports either remove the programs that opened them, or read the
program documentation to see how to close or change the ports it uses.

I'd also very much advise purchasing a router with a built-in firewall.
That, in combination with Firestarter should keep you pretty secure.
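
An added example, not part of the original message: a local alternative to scanning yourself with nmap that reads the kernel's IPv4 TCP socket table and reports which listening ports are bound to all interfaces and which to loopback only. It assumes a little-endian Linux host (such as x86) where /proc/net/tcp exists; the sample table, its inode numbers and the function names are constructed for illustration.

```python
import ipaddress
import socket
import struct

LISTEN = "0A"  # state code the kernel prints for a listening TCP socket

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:008B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001
   1: 00000000:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002
   2: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11003
   3: 0A00A8C0:0016 0B00A8C0:C350 01 00000000:00000000 00:00000000 00000000  1000        0 11004
"""

def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes a little-endian host."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)

def listening_ports(proc_net_tcp_text):
    """Return sorted (port, ip, scope) for every IPv4 TCP socket in LISTEN state."""
    found = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != LISTEN:
            continue  # established or closing connections are not listeners
        ip, port = decode_addr(cols[1])
        addr = ipaddress.ip_address(ip)
        if addr.is_unspecified:      # 0.0.0.0: accepts connections on every interface
            scope = "all interfaces"
        elif addr.is_loopback:       # 127.0.0.0/8: local connections only
            scope = "loopback only"
        else:
            scope = "one interface"
        found.append((port, ip, scope))
    return sorted(found)

def main():
    try:
        with open("/proc/net/tcp") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE  # no /proc/net/tcp here: fall back to the constructed sample
    for port, ip, scope in listening_ports(text):
        print(f"{port:>5}/tcp  {ip:<15}  {scope}")

if __name__ == "__main__":
    main()
```

Ports reported as "all interfaces" are the ones a firewall rule or a change to the owning program's configuration would need to cover; IPv6 listeners live in /proc/net/tcp6 and are not parsed here.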
