Blocking UDP ports
| S Brower 2004-01-23, 7:50 pm |
| I am running RH9 and using a cable modem service as my ISP. Although my
machine is not on unless I'm home and using it, is there a way to
block UDP ports? As it is now, I left my machine on and went to a friend's
house to do some port scans on my IP. I saw a lot of 'closed' UDP ports.
I would rather have them blocked...the good news is that everything else
was blocked (as far as I could tell, at least.)
It looks like DNS is UDP 53 but I can designate specific IPs to allow
traffic there. Unfortunately I don't know what else I need to allow.
I have two questions:
1) Is there a way to do this without setting up another machine as a
firewall/bastion host?
2) Where can I get more info on UDP ports and learn for myself instead of
bothering all of you? I have done Google searches and there
are too many resources for me to narrow down.
Best regards,
SRB
| |
| Durk van Veen 2004-01-23, 7:50 pm |
| quote:
> I have two questions:
> 1) Is there a way to do this without setting up another machine as a
> firewall/bastion host?
> 2) Where can I get more info on UDP ports and learn for myself instead of
> bothering all of you? I have done Google searches and there
> are too many resources for me to narrow down.
You can run iptables on the machine itself and have it act as a firewall for
itself filtering all incoming and outgoing traffic both TCP and UDP (and
ICMP for that matter).
| |
| S Brower 2004-01-23, 7:50 pm |
| On Wed, 06 Aug 2003 17:47:59 -0700, Durk van Veen wrote:
quote:
>
>
> You can run iptables on the machine itself and have it act as a firewall for
> itself filtering all incoming and outgoing traffic both TCP and UDP (and
> ICMP for that matter).
Thank you for the help. I have looked into iptables and have bookmarked the
documentation to help me set it up. I simply don't know what
other UDP ports I need to allow to remain unblocked in order to ensure
that I don't encounter unanticipated results. After looking into it I now
know that DNS uses UDP :53. Had I simply blocked all of them I'd have been
without internet access. Of course I would have known why and gone back and
allowed traffic again, but that would have been wasted time. I think I
asked the wrong question.
What I don't know is who/what else (other than DNS at :53) might use UDP
that I want to add into an iptables configuration as allowed while
restricting access to the unwanted world. I hope this is clear enough...if
I am not phrasing this well, please
take a text based cattle prod and give me a jolt in the right direction so
I can ask the right question.
Best regards,
-SRB
| |
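One way to apply the iptables suggestion to the question of which UDP ports must stay open, as an added example that is not part of the original thread: with stateful matching, replies to queries the host itself sent are accepted automatically, so only DHCP needs an inbound UDP rule. The interface name `eth0`, the resolver addresses and the `gen_ruleset` helper are assumptions; the script only prints a ruleset in `iptables-restore` format and does not change the running firewall.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for a single host.
# gen_ruleset is a hypothetical helper; it never touches the live firewall.

gen_ruleset() {
    # Refuse to emit a ruleset with no resolver: the final OUTPUT rule
    # would then drop every DNS query and the host would lose name lookups.
    [ $# -ge 2 ] || { echo "usage: gen_ruleset IFACE RESOLVER_IP..." >&2; return 1; }
    wan_if="$1"; shift            # remaining arguments are DNS resolver IPs

    echo "*filter"
    # Unsolicited inbound packets are dropped silently, so a UDP scan gets no
    # ICMP port-unreachable answer (that answer is what marks a port 'closed').
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to traffic this host started (DNS answers, NTP, ...) match
    # connection tracking, so no inbound UDP port has to be opened for them.
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # DHCP lease replies from the ISP: server port 67 to client port 68.
    echo "-A INPUT -i $wan_if -p udp --sport 67 --dport 68 -j ACCEPT"
    # Outbound DNS only to the listed resolvers; any other UDP/53 is dropped.
    for ip in "$@"; do
        echo "-A OUTPUT -o $wan_if -p udp -d $ip --dport 53 -j ACCEPT"
    done
    echo "-A OUTPUT -o $wan_if -p udp --dport 53 -j DROP"
    echo "COMMIT"
}

# Constructed sample values: eth0 and documentation-range resolver addresses.
gen_ruleset eth0 192.0.2.53 198.51.100.53
```

After reviewing the printed rules, they can be loaded as root by piping the output into `iptables-restore`.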
| Steve Emmett 2004-01-23, 7:50 pm |
| Get a Linksys BEFSR11/41. The 11/41 costs about $50 at amazon, $59 at
Bestbuy, etc.
S Brower wrote:
quote:
> I am running RH9 and using a cable modem service as my ISP. Although my
> machine is not on unless I'm home and using it, is there a way to
> block UDP ports? As it is now, I left my machine on and went to a friend's
> house to do some port scans on my IP. I saw a lot of 'closed' UDP ports.
> I would rather have them blocked...the good news is that everything else
> was blocked (as far as I could tell, at least.)
>
> It looks like DNS is UDP 53 but I can designate specific IPs to allow
> traffic there. Unfortunately I don't know what else I need to allow.
>
> I have two questions:
> 1) Is there a way to do this without setting up another machine as a
> firewall/bastion host?
> 2) Where can I get more info on UDP ports and learn for myself instead of
> bothering all of you? I have done Google searches and there
> are too many resources for me to narrow down.
>
> Best regards,
> SRB