default iptables rules
NoOp
glgxg at sbcglobal.net
Tue Sep 18 00:23:44 UTC 2007
On 09/17/2007 03:46 AM, Mike Smith wrote:
> On Sun, 2007-09-16 at 19:50 -0400, Jimmy Wu wrote:
>> On 9/16/07, NoOp <glgxg at sbcglobal.net> wrote:
>> On 09/16/2007 02:06 PM, Jimmy Wu wrote:
>>
>> >> > Also, how do I find out what ports are open?
>> >> > I tried a netstat -l and got a lot of output (which I've
>> attached to the
>> >> > end)
>> >> >
>> >>
>> >> sudo apt-get install nmap
>> >>
>> >> sudo nmap -sV localhost
>> >>
>> >> With samba running these ports will be open:
>> >>
>> >> 139/tcp open netbios-ssn Samba smbd 3.X (workgroup:
>> >> nameofyourworkgroup)
>> >> 445/tcp open netbios-ssn Samba smbd 3.X (workgroup:
>> >> nameofyourworkgroup)
>> >>
>> >> You can replace localhost with an IP or domain name.
>> >>
[snip]
>
> An easy way to check your port status is to visit http://www.grc.com and
> select their 'Shields Up' test which will tell you whether your ports
> are open, closed or stealthed.
>
Well... partially. That will probe for ports from your (internet facing)
gateway/router/firewall, but will not & cannot probe internal lan ports
that are open on machines within the firewall. nmap will do that if you
simply tell it which IP's and or host names to look at.
For example; if I probe from GRC on the machine above it will not find
ports 139 and 445 as open. It may find them as "Stealth" if I've allowed
it, but either way that won't replace an nmap scan on your lan.
More information about the ubuntu-users
mailing list