------- BEGIN FORWARDED MESSAGE -------
From: g.pardon@pi.be
To: teastep@shorewall.net
Cc:
Subject: Re: [Shorewall-users] Open ports
How am I testing this?
I'm doing a portscan using a portscanner like GFI Languard, Superscanner
and nmap to check. Those two TCP-ports always showed up. Although, I
think there are other ways to test it.
I read the FAQ and the phenomenon (where is that Dutch-English dictionary
when you need it) is explained by the nature of UDP ports and the DROP-
command. Now I know I don't have to worry a lot about those UDP ports
marked as open. All I have to do is check if there is a program or
service running offering the mentioned service and see if I really need
it and shut it down.
Regards,
Gerd
> On 14 Apr 2003, Gerd Pardon wrote:
>
> > Hello,
> >
> > I've installed Shorewall 1.4.1a on top of Red Hat 9. I've used the Quick
> > Install for standalone shorewall configurations. I don't have the
> > hardware yet to test on. So my laptop is serving as test rabbit.
> >
> > I'm confronted with ports 389 (LDAP) and 1720 (H323HostCall) that stay
> > open always no matter how I change the rules.
>
> And exactly how are you testing this?
>
> > I've included the policy
> > and rules files. Besides that I still have 8 UDP ports that appear to be
> > open, but that seems to be an illusion. That's what I read in manuals
> > and guides.
> >
> > Can someone tell me why I keep on having ports open even though I tell
> > (I think) to shut all ports and gates?
> >
>
> Please start by reading the FAQ.
>
> -Tom
> --
> Tom Eastep \ Shorewall - iptables made easy
> Shoreline, \ http://www.shorewall.net
> Washington USA \ teastep@shorewall.net
>
-------- END FORWARDED MESSAGE --------