Colin Paul Adams wrote:
"Rodolfo" == Rodolfo J Paiz <rpaiz@xxxxxxxxxxxxxx> writes:
Rodolfo> At 12:41 PM 7/8/2004, Colin Paul Adams wrote:
>> You ARE joking aren't you? That's 60,000 ports! It would take
>> me a year to type all that lot in! Isn't there a way to limit
>> which ports it uses?
Rodolfo> Hopefully you're aware that you can type 5000:65000 in
Rodolfo> the iptables rule and it will treat it as a range. If
Rodolfo> not, consider it good news... you just changed a year
Rodolfo> into 3.7 seconds.
Thanks - but that still looks to be a huge security hole - according to lsof, it's only listening on one or two ports.
No; iptables is stateful. You can configure those ports to be open only for established or related connections.
--
-John (john@xxxxxxxxxxx)
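
What the reply above describes, as an added example that is not part of the original thread: a shell helper that emits an iptables-restore ruleset in which the 5000:65000 range admits only established or related flows, while new connections are accepted only on the ports named as listening. TCP, the INPUT chain with a DROP policy, and port 5001 in the usage comment are assumptions, not details from the thread.

```shell
#!/bin/sh
# Added example. Assumptions (not from the thread): TCP traffic, the
# filter/INPUT chain with a default DROP policy, and the constructed
# listening port used in the usage line at the bottom.
#
# Stateless form, for comparison: it accepts NEW connections to every
# port in the range, whether or not anything listens there.
#   -A INPUT -p tcp --dport 5000:65000 -j ACCEPT

# valid_range LO:HI -> succeeds only when 1 <= LO <= HI <= 65535
valid_range() {
    case "$1" in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;
        *:*) ;;
        *) return 1 ;;
    esac
    lo=${1%%:*}
    hi=${1##*:}
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# stateful_rules RANGE [LISTEN_PORT...] -> ruleset on stdout
stateful_rules() {
    range=$1
    shift
    # Validate everything before emitting, so output is never partial.
    valid_range "$range" || { echo "bad port range: $range" >&2; return 1; }
    for p in "$@"; do
        valid_range "$p:$p" || { echo "bad port: $p" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # The range is reachable only for flows conntrack already tracks.
    echo "-A INPUT -p tcp --dport $range -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # New connections are accepted only on ports that actually listen.
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Usage (5001 is a constructed port; take the real ones from lsof):
#   sh rules.sh 5000:65000 5001 | iptables-restore --test
if [ "$#" -gt 0 ]; then
    stateful_rules "$@"
fi
```

Piping the output to `iptables-restore --test` parses the ruleset without committing it.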