need a volunteer

Victor Tsaran vtsaran at nimbus.ocis.temple.edu
Sat Oct 28 06:52:54 EDT 2000


Hey, FC!
Can you please attach this file with chain rules for me as well?
WOuld be much grateful.

Why did you say to shutdown the 110 and 113 ports. They are used for serving
POP3 client. Don't you need to get your Email once in a while? I would
definitely agree with 23 and 21 to be exchanged for SSH service which also
provides sftp.

Vic

******* ******* *******
have you thought of visiting Cybertsar's Internet Kingdom? It is still
alive!
Here is the URL:
http://go.to/vtsaran
or
http://kickme.to/vtsaran

******* ******* *******
----- Original Message -----
From: "Frank J. Carmickle" <frankiec at braille.uwo.ca>
To: "brian Moore" <admin at bmoore.yi.org>
Cc: <speakup at braille.uwo.ca>
Sent: Friday, October 27, 2000 11:23 PM
Subject: Re: need a volunteer


> Ok Brian.
> How secure do you want this machine that lives on the wonderfully unsecure
> network of athome?  I would imagine that you want something that's a
> little tighter then what you have right now.  When I portscan you I see 21
> 23 24 80 110 and 113.  Looks everything else is closed up.  My
> recommendation to you is to get ssh on your box and forget about telnet
> and ftp for starters.  Why you have pop3 waiting for connections is
> something else I would think you would want shut down.  If you really need
> http keep it.  However if you have another machine that you can
> specifically set up as a firewall you will be a lot happier to know that
> all of the trafic to your http server can be logged.  Same goes for
> everything else.
>
> One thing that you really also want to have happening is some ipchains
> rules setup so that your machine doesn't respond to portscans or ping
> requests.  This should fool most people looking around to find someone
> valnerable.  I'll post a ipchain rule set that has a lot of this done for
> you already.  Then Kerry can go over it with a fine tooth comb and tell me
> what's wrong with it.
>
> HTH
> FC
>
>
> On Fri, 27 Oct 2000, brian Moore wrote:
>
> > Greetings all.  okay finally got my linux box up and all my services
> > running the way I want.  my mail server is finally doing what I want.  I
> > think i have all my ipchains rules setup right and pluged all the
security
> > holes I know of.  the one I'm not clear on is my port 25 security.  if
this
> > machine ever becomes a spam host, I will have to shoot myself so I want
to
> > make real sure that no one except those in my local network can use it.
> > probably asking for trouble but got all my logging on verbose to see
what
> > happens.  can someone try and use my smtp server and see if you can.  if
> > you notice anything else, let me know as well.
> >
> > would really apreciate it.
> >
> > host is bmoore.yi.org
> > thanks.  brian.
> >
> >
> >
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> >
>
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup





More information about the Speakup mailing list