Am Sa, den 24.07.2004 schrieb John Dangler um 20:30: > I went to the ShieldsUP!!! site and ran the file sharing and common ports > tests. According to the results, I allowed ping to reply to their server > via ICMP echo, and I have port 21 (ftp) and 23 (telnet) open. How do I: > > (1) block/ignore ICMP echo requests Would be just "security by obscurity". Not necessary to block anything. > (2) Tell inquirers that ports 21 and 23 exist but are closed to connections Shut down the services you don't need. If you don't want the FTP server running either disable it with "chkconfig $FTP off" ($FTP is dependent in the FTP server you run). If you need the FTP server internally, then block port 21 on the outbound device with iptables. The telnet server should be stopped under every circumstance! Use SSHD. > John Dangler Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp Serendipity 20:54:49 up 2 days, 5:42, load average: 0.01, 0.08, 0.10
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
