[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Sat, 19 Jan 2002 15:04:43 +0100
- Organization: Stauber Multimedia Design
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Eugene,
> When you do Netscape-style file upload, or use "PUT" method
> to place documents on the server, in both cases data flows over standard
> TCP connection.
Yeah, that's what I assumed as well. But apparently there are some cases
where it apparently works different, like in some PERL scripts I've seen a
while ago.
> To the best of my knowledge, the only UDP ports you need to open in a
> typical configuration are BIND and possibly NTP (53 and 123). If you
> use NFS or any RPC services, that's another story.
Yes, it is a different story. That leaves DNS and NTP as the only popular
services where you need UDP, while I'd rate UDP for port 80, 81, 443 and 444
as a "maybe" depending on the applications you run.
--
With best regards,
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer