tlug.jp Mailing List Archive
Re: [tlug] blocking port 6000
- Date: Wed, 4 Sep 2002 00:44:54 -0500
- From: Scott Robbins <scottro@example.com>
- Subject: Re: [tlug] blocking port 6000
- References: <200209040400.NAA24400@example.com>
- User-agent: Mutt/1.4i-ja.1
On Tue, Sep 03, 2002 at 11:36:45PM +0900, Operator wrote:
> TLUG'ers,
> I just ran nessus and it told me that the X-server is accepting responses
> from anyone!! this is bad..how do I stop this.. I'm using Mandrake 8.2 @ msec
> 3.

Just went to MD's site to look for an answer--WOW, what a SLOW site. As near as I can see, they have a Bastille firewall thingie--does it give you the option of which ports to configure? (I gave up looking after a while, the site was too slow).

Anyway, if you type the command

    InteractiveBastille

from a terminal--they mention that you have to be root, and I'm guessing that this is a case where you might have to either do an su - or log in as root. (Doing a simple su will probably get you a bunch of command not found things.)

If that doesn't give you the option of ports, then you might have to manually try to add a rule--I remember someone telling their firewall scripts were a bit confusing, but...

You'll have to figure out if it's running ipchains or iptables (hopefully, that Bastille uses one or the other). To do this, again as root do

    iptables -L -n --line-numbers

and if you get an error message then try

    ipchains -L -n --line-numbers

(it might be --line-number rather than numbers, but IIRC both work)

If one of these gives you a result, then you can see where you want to insert it, for example, after a rule denying most well-known ports (0-1023). Say you wanted to insert it on line 7, then it would be

    iptables -I INPUT 7 -s 0/0 -d 0/0 -p tcp --syn --dport 6000:6009 -j DROP

The syntax is slightly different for ipchains, I ~think~ (but if you have ipchains and do ipchains --help | less it should give it to you)

    ipchains -I input 7 -p tcp -s 0/0 -d 0/0 6000:6009 -y -j DENY

Again, take a look at the help page (as opposed to the man page--the help page is fairly straightforward).

Again, that's assuming Bastille uses one or the other.
--
Scott
PGP keyID EB3467D6
(1B48 077d 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6)
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

Colonel: Every inch of this installation is under constant, 24-hour surveillance.
Willow: Including the secret lab?
Colonel: Everything! (pause) What secret lab?
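
A check for the insert position discussed in the message above, as an added example that is not part of the original post: the function reads `iptables -L INPUT -n --line-numbers` output and reports which rule first decides a new TCP connection from anywhere to a given port. The listing is constructed sample data, and `first_verdict` and `sample_rules` are hypothetical names.

```shell
#!/bin/sh
# Added example. Assumptions: only ACCEPT/DROP/REJECT are treated as final;
# jumps to user-defined chains and LOG rules are skipped, not followed.
# Without -v the listing hides interface matches, so a rule made with
# "-i lo" looks like it applies to every interface.
first_verdict() {
    awk -v port="$1" '
    /^Chain /        { policy = $4; sub(/\)/, "", policy); next }
    $1 !~ /^[0-9]+$/ { next }                       # column header, blank lines
    {
        if ($2 != "ACCEPT" && $2 != "DROP" && $2 != "REJECT") next
        if ($3 != "tcp" && $3 != "all") next
        if ($5 != "0.0.0.0/0" || $6 != "0.0.0.0/0") next    # not "from anyone"
        for (i = 7; i <= NF; i++) {
            if ($i == "state" && $(i + 1) !~ /NEW/) next    # cannot match a first SYN
            if ($i ~ /^spts?:/) next                        # tied to a source port
            if ($i ~ /^dpts?:/) {
                n = split($i, r, ":")
                lo = r[2]; hi = (n == 3) ? r[3] : r[2]
                if (port + 0 < lo + 0 || port + 0 > hi + 0) next
            }
        }
        print $1, $2; found = 1; exit
    }
    END { if (!found) print "policy", policy }'
}

# Constructed sample listing: the X11 DROP was appended after a broad ACCEPT.
sample_rules() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:0:1023 flags:0x17/0x02
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:1024:65535
4    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:6000:6009 flags:0x17/0x02
EOF
}

# Rule 3 answers for port 6000 before the DROP on line 4 is ever reached.
sample_rules | first_verdict 6000
# On a live system (as root): iptables -L INPUT -n --line-numbers | first_verdict 6000
```

If the answer is an ACCEPT rule or the chain policy, the DROP rule has to be inserted at or before that line number for it to take effect.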
- Follow-Ups:
- Re: [tlug] blocking port 6000
- From: Josh Glover
- References:
- [tlug] blocking port 6000
- From: Operator