Date: Wed, 29 Nov 2000 19:08:09 -0700 (MST) From: "Jonathan M. Slivko" <jon_slivko@simphost.com> To: John Howie <JHowie@msn.com> Cc: freebsd-security@freebsd.org, freebsd-isp@freebsd.org Subject: Re: Danger Ports Message-ID: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com> In-Reply-To: <013b01c05a72$d1f96d10$fd01a8c0@pacbell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I am referring to the Back Orifice, Trinoo server ports, etc. Where can I get my hands on a list of those port #'s? or are there any utilities that act as those servers and log all attempts in hopes of catching those users who will no doubt try and take advantage of an open system? ---- Jonathan M. Slivko <jon_slivko@simphost.com> Technical Support, CoreSync Corporation (http://www.coresync.net) Team Leader, SecureIRC Project (http://secureirc.sourceforge.net) Pager/Voicemail: (917) 388-5304 ---- On Wed, 29 Nov 2000, John Howie wrote: > Jonathan, > > Rather than denying access to certain ports on your system, and allowing > access to the rest, you might find it easier to think in the reverse - What > ports do I need to leave open to outside (presumably Internet) users? > > The answer to that question depends on the needs of your outside users. You > will probably need to allow SSH access, and I would suggest that you get > users to use SCP instead of FTP (unless you have a public FTP site that > allows anonymous connections). You might also need to open up access to SMTP > and POP3 services for mail (while ensuring that your site can't be used as a > mail relay). DNS is another service that you might need to provide access > to. > > If users need access to so-called dangerous services such as X, printer, > NFS, NIS, SNMP, etc. then I would look for a VPN solution that brings them > into your network through the firewall and allows them to access these > services as an internal user. > > O'Reilly does a good book on Firewall Security, I suggest that you get it > and have a read. CERT also has a good document on packet filtering > (http://www.cert.org). Also, check the FreeBSD handbook or The Complete > FreeBSD for more information about setting up firewalls on FreeBSD systems. > > Hope this helps, > > john... > > ----- Original Message ----- > From: "Jonathan M. Slivko" <jon_slivko@simphost.com> > To: <freebsd-security@freebsd.org> > Cc: <freebsd-isp@freebsd.org> > Sent: Wednesday, November 29, 2000 5:23 PM > Subject: Danger Ports > > > > Can someone tell me what are the "danger" ports on FreeBSD, ports that > > perhaps need to be blocked because they are insecure? I would like to know > > so in the future, I can prevent outside attacks and concentrate more on > > internal attacks, or "insider jobs" as they're called. > > > > ---- > > Jonathan M. Slivko <jon_slivko@simphost.com> > > Technical Support, CoreSync Corporation (http://www.coresync.net) > > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net) > > Pager/Voicemail: (917) 388-5304 > > ---- > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011291907110.79751-100000>