On 12/02/06, Jim Bassett jim@datamantic.com wrote:
What is the canonical way to get a list of all open ports from the command line? Or maybe it's not so straightforward?
$ netstat -ln
Though netstat -a | grep LISTEN should give the same result I'd have thought.
Someone else suggested running netstat -a | grep LISTEN, and that indeed shows only services I would expect.
I understand that iptables is very powerful, and therefore not the easiest tool to use. But I would guess that the setup I want is pretty standard. I've found a bunch of info on Google and I am digging in, but are there some iptables cookbook-type recipes for a basic web/mail/dns server anyone could point me to?
The O'Reilly Linux Server Security book covers firewalling in quite an easy-to-understand fashion and there's a decent bastion host firewall script which is well commented...
http://examples.oreilly.com/linuxss2/
Will.
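
Added example, not part of the original thread: a shell helper that reads `netstat -ln` output and reports TCP/UDP listeners that are not on an allowlist of expected services, automating the "only services I would expect" check from the thread. The sample output is constructed, and the function names and the allowlist (SSH, SMTP, DNS, HTTP) are assumptions for a basic web/mail/DNS host.

```shell
#!/bin/sh
# Constructed sample of `netstat -ln` output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp6       0      0 :::6000                 :::*                    LISTEN
udp        0      0 0.0.0.0:53              0.0.0.0:*
udp        0      0 0.0.0.0:631             0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     12345    /tmp/.X11-unix/X0
EOF
}

# unexpected_listeners PROTO/PORT...   (hypothetical helper name)
# Reads `netstat -ln` output on stdin and prints "proto/port address" for each
# TCP/UDP listener that is not bound to loopback and not in the allowlist.
unexpected_listeners() {
    awk -v allow="$*" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^(tcp|udp)6?$/ {
            if ($1 ~ /^tcp/ && $NF != "LISTEN") next   # TCP: listening only
            proto = $1; sub(/6$/, "", proto)            # tcp6 -> tcp
            port = $4;  sub(/.*:/, "", port)            # text after last colon
            addr = $4;  sub(/:[^:]*$/, "", addr)        # text before last colon
            if (addr ~ /^127\./ || addr == "::1") next  # loopback-only socket
            key = proto "/" port
            if (!(key in ok)) print key, addr
        }
    ' | LC_ALL=C sort -u
}

# Assumed allowlist for a basic web/mail/DNS server with SSH administration.
sample_netstat | unexpected_listeners tcp/22 tcp/25 tcp/53 udp/53 tcp/80
```

On a live host, pipe `netstat -ln` into `unexpected_listeners` instead of `sample_netstat`.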