-
iptables basics
OK, I'm a bit of a newbie but have been reading quite a bit regarding iptables. I'm trying to secure my recent Debian3.0 install. I understand how the rules of iptables work but:
1. how can I verify that iptables is already installed?
2. One "how to" I read said iptables might be a module or compiled into the kernel. How do check to see if it's in the kernel?
3. I thought the "inetd.conf" file started all the services. However, ssh, telnet, finger are not even listed in this file. Where are those services started and how do I disable them?
This should get me started. I've pasted my "inetd.conf" file and the output to a "netstat -pant" command which shows some vulnerability (I think). I don't want to run any services. I only need to access the net.
*********************** here is the inetd.conf file
# /etc/inetd.conf: see inetd(8) for further informations.
#
# Internet server configuration database
#
#
# Lines starting with "#:LABEL:" or "#<off>#" should not
# be changed unless you know what you are doing!
#
# If you want to disable an entry so it isn't touched during
# package updates just comment it out with a single '#' character.
#
# Packages should modify this file by using update-inetd(8)
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
#:INTERNAL: Internal services
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
discard stream tcp nowait root internal
discard dgram udp wait root internal
daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
time stream tcp nowait root internal
#time dgram udp wait root internal
#:STANDARD: These are standard services.
#:BSD: Shell, login, exec and talk are BSD protocols.
#:MAIL: Mail, news and uucp services.
smtp stream tcp nowait mail /usr/sbin/exim exim -bs
#:INFO: Info services
ident stream tcp wait identd /usr/sbin/identd identd
#:BOOT: Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers."
#:RPC: RPC based services
#:HAM-RADIO: amateur-radio services
#:OTHER: Other services
******** here is the netstat -pant output:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:13 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:9 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
-blakelock-
RedHat9/WinXP on a
Dell Inspiron 1100
Cel 2Ghz
also running SuSE 8.1 on a
PIII 700MHz, 384 Mb RAM,
ASUS CUSL2 M/B
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|