Re: Localhost connection refused
- To: tlug@example.com
- Subject: Re: Localhost connection refused
- From: Jonathan Q <jq@example.com>
- Date: Sun, 8 Jul 2001 15:54:35 +0900
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=us-ascii
- Delivered-To: tlug@example.com
- In-Reply-To: <008001c10778$bb349560$9455fea9@example.com>; from glenn@example.com on Sun, Jul 08, 2001 at 03:39:25PM +0900
- List-Help: <mailto:tlug-request@example.com?subject=help>
- List-Post: <mailto:tlug@example.com>
- List-Subscribe: <mailto:tlug-request@example.com?subject=subscribe>
- List-Unsubscribe: <mailto:tlug-request@example.com?subject=unsubscribe>
- Old-Return-Path: <jq@example.com>
- References: <01070813232100.08656@example.com> <008001c10778$bb349560$9455fea9@example.com>
- Reply-To: tlug@example.com
- Resent-From: tlug@example.com
- Resent-Message-ID: <dlKyqC.A._9B.fOAS7@example.com>
- Resent-Sender: tlug-request@example.com
Glenn Evanish (glenn@example.com) wrote:

> From something Johnathan wrote a while back I knew where to look for
> ipchains rules now and noticed there was nothing to let pop3 through, so
> because it was already late, I just changed all the REJECTs to ACCEPTs. No
> dice. It still refuses connections, including ftp.

Try disabling ipchains entirely:

    /etc/rc.d/init.d/ipchains stop

and see if that changes things. I imagine it would :-)

> My question boils down to this. Security is all well and good, but it would
> be nice to see things work first and then put my #'s in and change my S's to
> s's to tighten it. What else might it be in RH 7.1 that forbids stuff that
> Man7.1 allows?

Red Hat 7.1 gives you full control over what is allowed and not allowed
when you set up firewalling in the install. To see what you allowed and
didn't, take a look at /etc/sysconfig/ipchains

> Also, how does one now stop and start telnet, pop3, etc if not in
> inetd.conf? Anyone got a good URL to share?

I would not allow telnet even on a box that was behind a firewall, NATted,
running its own firewall, and properly locked down (of course, "properly
locked down" by definition means that telnet is disabled) but you can find
those things in /etc/xinetd.d. Since that has all the usual suspects
enabled by default, you do need to visit this.

A half-assed approach to security is better than none, and a big step
forward for Red Hat - at least they have firewalling configurable during
the install, but you're still firewalling a box that has "own me now"
tattooed on its forehead. All somebody has to do is find an exploit for the
firewall or attack when you have the firewall disabled.

What I did was create a new directory, /etc/xinetd.d/REMOVED, and put every
entry from /etc/xinetd.d/ into it.

Multiple levels of defense are important. Run a firewall. Secure the
machine and keep on top of all security updates (very easy with RH 7.1
using up2date) and use tripwire. Maybe run LIDS as well (be careful you
don't lock yourself out with this one). Maybe use Snort, too. The more
layers of security and checks you have, the safer you are. That doesn't
mean no one can get you, but the more locked down you are, the fewer people
are going to be able to do it.

Jonathan
-- 
There is Bag of Modul in the router
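
The audit of /etc/xinetd.d that the message above recommends, as an added example that is not part of the original post: a shell function that lists every service block xinetd would still start in a directory laid out like /etc/xinetd.d. The function names, the sample file contents and the server paths are constructed for illustration, and the script only inspects top-level regular files.

```shell
#!/bin/sh
# Added example, not from the original post.
# Print "file: service" for every service block that is still enabled.
# xinetd treats a block as enabled unless it contains "disable = yes".
xinetd_enabled() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue        # only top-level regular files
        # xinetd ignores included files with a dot in the name or ending in ~
        case ${f##*/} in *.*|*~) continue ;; esac
        awk -v file="${f##*/}" '
            /^[ \t]*#/ { next }                        # comment line
            $1 == "service" { name = $2; off = 0; next }
            $1 == "disable" && $2 == "=" { off = (tolower($3) == "yes") }
            $1 == "}" && name != "" {
                if (!off) print file ": " name
                name = ""
            }
        ' "$f"
    done
}

# Build a constructed sample directory (hypothetical contents) so the
# function can be tried without touching the real /etc/xinetd.d.
make_sample() {
    d=$(mktemp -d)
    mkdir "$d/REMOVED"
    printf 'service telnet\n{\n\tdisable = no\n\tserver = /usr/sbin/in.telnetd\n}\n' > "$d/telnet"
    # No disable line at all: still enabled.
    printf 'service pop3\n{\n\tserver = /usr/sbin/ipop3d\n}\n' > "$d/ipop3"
    printf 'service ftp\n{\n\tdisable = yes\n}\n' > "$d/wu-ftpd"
    printf 'service finger\n{\n\tdisable = no\n}\n' > "$d/REMOVED/finger"
    echo "$d"
}

sample=$(make_sample)
xinetd_enabled "$sample"
rm -rf "$sample"
```

On a real system, call `xinetd_enabled /etc/xinetd.d` and confirm the result against the running daemon, since xinetd only rereads its configuration when told to.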
- Follow-Ups:
- Re: Localhost connection refused
- From: John De Hoog <dehoog@example.com>
- References:
- Localhost connection refused
- From: John De Hoog <dehoog@example.com>
- Re: Localhost connection refused
- From: "Glenn Evanish" <glenn@example.com>