default iptables rules

Mike Smith mhsmith17 at tiscali.co.uk
Mon Sep 17 10:46:30 UTC 2007


On Sun, 2007-09-16 at 19:50 -0400, Jimmy Wu wrote:
> On 9/16/07, NoOp <glgxg at sbcglobal.net> wrote:
>         On 09/16/2007 02:06 PM, Jimmy Wu wrote:
>         
>         >> > Also, how do I find out what ports are open?
>         >> > I tried a netstat -l and got a lot of output (which I've
>         attached to the
>         >> > end) 
>         >> >
>         >>
>         >> sudo apt-get install nmap
>         >>
>         >> sudo nmap -sV localhost
>         >>
>         >> With samba running these ports will be open:
>         >>
>         >> 139/tcp   open  netbios-ssn Samba smbd 3.X (workgroup:
>         >> nameofyourworkgroup)
>         >> 445/tcp   open  netbios-ssn Samba smbd 3.X (workgroup:
>         >> nameofyourworkgroup)
>         >>
>         >> You can replace localhost with an IP or domain name. 
>         >>
>         >>
>         >> Much thanks.  The obvious next question is how to control
>         which ports are
>         > listening or closed.  Also, I've heard of port stealthing on
>         certain
>         > firewall software -- does anyone know what that is? 
>         >
>         
>         sudo apt-get install firestarter
>         
>         Firestarter is a gui frontend for iptables with many added
>         features, see:
>         
>         http://www.fs-security.com/
>         
>         http://www.fs-security.com/docs.php
>         
>         You can also modify your iptables w/scripts & from the command
>         line
>         (google).
>         
>         However, Ubuntu comes with nearly all ports closed. So any
>         ports opened
>         afterwards are from your installation of the programs that use
>         them. To 
>         close the ports either remove the programs that opened them,
>         or read the
>         program documentation to see how to close or change the ports
>         it uses.
>         
>         I'd also very much advise purchasing a router with a built-in
>         firewall. 
>         That, in combination with Firestarter should keep you pretty
>         secure.
>         
> 
> Thanks again for the responses.
> I actually don't want to install firestarter, at least not until I
> have more time to play around (I've been and will be extremely busy
> for a while).  The last time I installed firestarter, it borked my
> connection to my Windows network.  There was a thread (actually
> multiple threads) on ubuntuforums relating to this, but none of them
> worked for me and I somehow screwed up DNS/name resolution while
> trying to fix that, and eventually I just reinstalled the system, as I
> couldn't afford to spend any more time trying to get it to work.  
> Realizing that firestarter is just a gui frontend to iptables, this
> time around I want to just use iptables directly, so I can immediately
> undo any rule that messes up my connection.

An easy way to check your port status is to visit http://www.grc.com and
select their 'Shields Up' test which will tell you whether your ports
are open, closed or stealthed.
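
For the earlier question in this thread about `netstat -l` producing a lot of output, the following added example (not part of the original messages) filters netstat-style output down to TCP/UDP listeners and marks each as loopback-only or reachable from the network. It assumes the net-tools `netstat -tuln` column layout; the function names are hypothetical and the sample input is constructed.

```shell
#!/bin/sh
# Added example: reduce `netstat -tuln` output to the listeners that matter.
# Real use: sudo netstat -tuln | classify_listeners

# Constructed sample output (not taken from the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:137             0.0.0.0:*
udp        0      0 127.0.0.1:53            0.0.0.0:*
EOF
}

# Print "scope proto port" for each listening socket.
#   local   = bound to loopback only, not reachable from other machines
#   exposed = bound to a wildcard or real address; iptables rules must cover it
classify_listeners() {
    awk '
        $1 !~ /^(tcp|udp)/ { next }               # skip headers and Unix-domain sockets
        $1 ~ /^tcp/ && $NF != "LISTEN" { next }   # TCP rows must be in LISTEN state
        {
            addr = $4
            n = split(addr, part, ":")
            port = part[n]                        # port follows the last colon (IPv6-safe)
            host = substr(addr, 1, length(addr) - length(port) - 1)
            scope = (host ~ /^127\./ || host == "::1") ? "local" : "exposed"
            print scope, $1, port
        }'
}

# Only the ports other machines can reach, as proto/port.
exposed_ports() {
    classify_listeners | awk '$1 == "exposed" { print $2 "/" $3 }' | sort -u
}

sample_netstat | classify_listeners
```

Adding `-p` to the netstat flags (run as root) also shows which program owns each listener, which helps when deciding what to remove or reconfigure.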



