Advice needed on test results

Advice needed on test results

Post by ck26 » Wed, 10 Apr 2002 12:56:26



A sygatetech.com scan revealed that my ssh, telnet, DNS and finger ports
are 'open'. I have bastille-firewall running. Why is this?

I used Interactive Bastille to close down telnet, finger isn't even
available on my machine and it also says that ICMP ping is not blocked.

Ports 23 and 79 also appear to be open which is apparently bad news as
Trojans listen on them. Port 143 too. However, on a udp scan - my port 23
is closed?!

How come Bastille isn't doing its job?

So, how do I manually close down ping and the above ports - I've already
denied all in hosts.deny and netstat  -pan --inet reports back that there
are no ports listening to the world (ie on 0.0.0.0.0.*).

Help - where does all this leave me?.

TIA, Chris

 
 
 

Advice needed on test results

Post by Geof » Wed, 10 Apr 2002 17:28:38



> A sygatetech.com scan revealed that my ssh, telnet, DNS and finger ports
> are 'open'. I have bastille-firewall running. Why is this?

> I used Interactive Bastille to close down telnet, finger isn't even
> available on my machine and it also says that ICMP ping is not blocked.

> Ports 23 and 79 also appear to be open which is apparently bad news as
> Trojans listen on them. Port 143 too. However, on a udp scan - my port 23
> is closed?!

> How come Bastille isn't doing its job?

> So, how do I manually close down ping and the above ports - I've already
> denied all in hosts.deny and netstat  -pan --inet reports back that there
> are no ports listening to the world (ie on 0.0.0.0.0.*).

> Help - where does all this leave me?.

> TIA, Chris

Check that Sygate are testing your IP. If your connecting through a
proxy then that might be what was tested.

Geoff

 
 
 

Advice needed on test results

Post by Bob Ceculs » Thu, 11 Apr 2002 07:41:35



Quote:> A sygatetech.com scan revealed that my ssh, telnet, DNS and finger ports
> are 'open'. I have bastille-firewall running. Why is this?

> I used Interactive Bastille to close down telnet, finger isn't even
> available on my machine and it also says that ICMP ping is not blocked.

> Ports 23 and 79 also appear to be open which is apparently bad news as
> Trojans listen on them. Port 143 too. However, on a udp scan - my port 23
> is closed?!

> How come Bastille isn't doing its job?

> So, how do I manually close down ping and the above ports - I've already
> denied all in hosts.deny and netstat  -pan --inet reports back that there
> are no ports listening to the world (ie on 0.0.0.0.0.*).

> Help - where does all this leave me?.

it leaves you like every other linux/unix/windoze user out there ...
"vulnerable" ... with OpenVMS, setting up an "unhackable" box is easy,
unlike the convuluted useless solutions thrown around this linux board!

- Show quoted text -

Quote:

> TIA, Chris

 
 
 

Advice needed on test results

Post by Patrick J. Dempse » Thu, 11 Apr 2002 08:19:33



Quote:> it leaves you like every other linux/unix/windoze user out there ...
> "vulnerable" ... with OpenVMS, setting up an "unhackable" box is easy,
> unlike the convuluted useless solutions thrown around this linux board!

Hmmm...  His box is VMS but his whipped-cream lovin' website at
www.instantwhip.com was created on a tasy Microsoft box using FrontPage
4.0.  Where is the all-mighty OpenVMS content creator?

Patrick