[lug] Thanks!!! Was Multiple Questions

Pedersen, Michael J PederMJ at LOUISVILLE.STORTEK.COM
Fri Nov 19 13:30:40 MST 1999


Basically, analyze what you will be offering.  Turn off everything else.
For instance, you will most likely have a web server.  Open up port 80 on
this firewall.  ssh would be a good replacement for telnet, meaning you
would open up port 22. If you wish to offer ftp, open up that port (I
believe it's port 25, but am not sure).  You'll also want to open up the
ports for DNS, 53.  Everything else, though, should be closed unless you
have a very good reason, and fully understand what could happen to security
with those services.

Also, pay attention to the fact that when dealing with TCP/IP traffic, you
actually have to firewall against tcp, udp, and icmp traffic.  Three
separate protocols, and each one needs to be allowed through on a limited
basis.

> -----Original Message-----
> From: Shannon M. Johnston [mailto:Nunar at mauromedia.net]
> Sent: Friday, November 19, 1999 12:34 PM
> To: expert at linux-mandrake.com; lug at lug.boulder.co.us
> Subject: [lug] Thanks!!! Was Multiple Questions
> 
> 
> First off I want to thank everybody for the great answers that I got to
> my questions.
> I now feel more comfortable in my position.
> I do have one more thing...
> What should I need to know to set up a secure firewall?
> 
> Thanks again,
> Nunar
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 
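
The default-deny approach described in the message above, as an added example that is not part of the original post: a shell function that prints an iptables-restore ruleset opening only the listed TCP/UDP ports and rate-limited ICMP echo. The iptables tooling, the `SERVICES` list and the `gen_ruleset` name are assumptions; the post names no firewall tool.

```shell
#!/bin/sh
# Added example: print a default-deny ruleset in iptables-restore format.
# SERVICES is a constructed sample list of proto/port pairs for offered services.
SERVICES="tcp/80 tcp/22 udp/53 tcp/53"

gen_ruleset() {
    rules=""
    for svc in $1; do
        proto=${svc%%/*}
        port=${svc#*/}
        # Only TCP and UDP carry ports; reject anything else before emitting a rule.
        case "$proto" in
            tcp|udp) ;;
            *) echo "unsupported protocol: $svc" >&2; return 1 ;;
        esac
        # Port must be 1-5 digits; longer strings would overflow the range test.
        case "$port" in
            ''|*[!0-9]*|??????*) echo "bad port: $svc" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $svc" >&2; return 1
        fi
        rules="${rules}-A INPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT
"
    done
    # Nothing is printed until every entry has validated, so a bad list
    # never yields a partial ruleset. ICMP errors tied to existing
    # connections are covered by RELATED; only echo-request is opened.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
${rules}-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT
COMMIT
EOF
}

gen_ruleset "$SERVICES"
```

Review the printed rules before loading them; `iptables-restore` reads this format from standard input and needs root.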



