[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Portsentry, ipchains and pmfirewall

Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Sat, 19 Jan 2002 15:04:43 +0100
Organization: Stauber Multimedia Design
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Eugene,

> When you do Netscape-style file upload, or use "PUT" method
> to place documents on the server, in both cases data flows over standard
> TCP connection.

Yeah, that's what I assumed as well. But apparently there are some cases 
where it apparently works different, like in some PERL scripts I've seen a 
while ago. 

> To the best of my knowledge, the only UDP ports you need to open in a
> typical configuration are BIND and possibly NTP (53 and 123).  If you
> use NFS or any RPC services, that's another story.

Yes, it is a different story. That leaves DNS and NTP as the only popular 
services where you need UDP, while I'd rate UDP for port 80, 81, 443 and 444 
as a "maybe" depending on the applications you run.

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Francisco Sánchez
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Michael Stauber
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Eugene Crosser

Prev by Date: [cobalt-security] Re: Anyone using myNetWatchman.com
Next by Date: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Previous by thread: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Next by thread: Re: [cobalt-security] Portsentry, ipchains and pmfirewall

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index