cable modem activity

Kevin Cozens kcozens-qazKcTl6WRFWk0Htik3J/w at public.gmane.org
Tue Apr 27 23:30:43 UTC 2004


Greetings, Mel.

For some reason, parts of the message got a bit garbled.

At 03:44 PM 04/23/2004, Mel Seder wrote:
> > could have temporarily shutdown the network support (ieie/sbsbinervice
> > network stop).
>
>Right you are I take it the syntax would be #/sbsbinervice network stop.  Is
>that correct?

/sbin/service network stop

> > indicated that you have open ports for LDLDAPsome unspecified service on
> > port 1002, and a SQSQLatabase on port 1720. Unless you need to make these
> > ports accessible to people outside your local network, you should do
> > something to limit access to these ports.
>
>Uh Oh!  My router only has the ssh port forwarded.  Come to think of it I 
>don't
>know how ftp,  hthttpnd possibly others are able to communicate as they have
>not been forwarded by my router.  Is there a place to look to see if LDLDAPnd
>SQSQLan be disabled?  I assume that they are not needed unless I am running
>LDLDAPnd SQSQLhich I don't think I am running?

If you don't need LDAP services or a SQL database on your machine, you 
should modify your startup scripts so these services won't start 
automatically when you boot the machine. If you have it on your machine, 
chkconfig is one way to alter which startup scripts are run at boot time. 
You should also use ps and lsof to see what programs are running after your 
machine starts and to which ports your machine is listening. And don't 
forget to review the configuration of inetd. Just a heads up in case you 
haven't already done all of this.

>However I'm scared to death of IPIPtablesnd fifilewalls If you
>know of a site about momonmothaor dummies/(network impaired) newbies let me
>know and alallthough can't prpromise'll try it I do prpromise will read it or
>at least read it until I get too scared :-)

The MonMotha script isn't that difficult to set up. You edit a few 
variables near the top of the script and the rest of the script builds all 
the rules you need. The script will typically deny any inbound connections 
except for the ports you specify.

The main site for MonMotha is:
http://monmotha.mplug.org/firewall/

Some useful documentation about the script can be found here:
http://www.mplug.org/phpwiki/index.php?MonMothaReferenceGuide



Cheers!

Kevin.  (http://www.interlog.com/~kcozens/)

Owner of Elecraft K2 #2172        |"What are we going to do today, Borg?"
E-mail:kcozens at interlog dot com|"Same thing we always do, Pinkutus:
Packet:ve3syb-XXPEJ3/fxIc at public.gmane.org#con.on.ca.na|  Try to assimilate the world!"
#include <disclaimer/favourite>   |              -Pinkutus & the Borg

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list