Re: [Sheflug] Security

[Barrie Bremner <nospam [at] ecosse.net>]

Chris J/#6 wrote:

> 
> Not knowing how you use your machine, ports that you may want to keep open
> (with ipchains) include:
>         remote UDP port 53      - DNS repsonses (if you run a local
>                                         name server)
>         remote UDP port 4000    - ICQ server comms (if you use ICQ on your
>                                         machine)
>         local UDP port 7103     - Real-player streams
> 
>         ICQ may need a set of ports opened local TCP (again, depending on
>         which ICQ clone you use, the port range can be specified to ICQ
>         for firewall-purposes)
> 
>         remote TCP port 20      - For FTP transfers, /or/ use passive FTP
> 
>         Quake needs ports open (if you play network quake on your linux
>         box - can't remember which port(s) it uses).
> 
> Just a further few areas of thought :)

 Mmmm. I've already had to modify things to allow port forwarding from
my firewall to tcp port 6667 for Napster (can be any port - just tell
the Napster program).
 If you use a separate firewall/router box, IP masquerading (sp?) has
modules to automagically deal with the things you've mentioned (Quake,
FTP, audio streams, ICQ and a bunch of others) - saves a bit of effort
:-)

 Baz.   
--
Barrie J. Bremner

Email:     TheEnglishman [at] ecosse.net
           (PGP public key available at pgp.mit.edu)

URL:       http://www.geocities.com/thefatenglishman

Telephone: UK 01672 811246
Mobile:    UK 07968 792975

 Help Micro$oft wipe out piracy - get Linux.
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.