On Sun, 2006-02-12 at 15:30 -0500, Jim Bassett wrote:
On Feb 12, 2006, at 3:22 PM, Craig White wrote:
On Sun, 2006-02-12 at 15:17 -0500, jim@datamantic.com wrote:
I have a CentOS 4.2 machine. lokkit shows that a firewall is enabled, and it is customized to allow SSH, Web, and DNS traffic only.
But if I run nmap against the server IP (from my home machine, outside the local network) it shows over 1000 open ports. Am I not understanding nmap, or is there something seriously wrong here?
might as well get a root shell and type...
iptables -L
and see what's up with that.
Craig
Thanks for the response. Any advice on understanding this is appreciated.
[root@ash ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
Looks like the rules above are accepting anything for that server. The order of the rules makes a big difference.
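As an added example, not code from anyone in this thread: a small sh/awk audit that reads "iptables -L" output and reports the verdict a chain gives to a packet that no port-specific rule matches, following the jump into a user chain such as RH-Firewall-1-INPUT and honouring rule order (first terminating match wins). Both listings embedded in the script are constructed for the example: the first copies the rules Jim posted, the second is a hypothetical ruleset of the shape one would expect from a firewall that opens only SSH, HTTP and DNS and then rejects everything else.

```shell
#!/bin/sh
# Added example (not from the thread): decide what an "iptables -L" ruleset
# does with traffic that matches no service-specific rule, walking rules in
# order and following jumps into user-defined chains.

# Constructed sample 1: the listing posted in the thread.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
'

# Constructed sample 2 (hypothetical): only SSH, HTTP and DNS are accepted,
# and the user chain ends in a catch-all REJECT.
FILTERED_LISTING='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain RH-Firewall-1-INPUT (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
'

# catch_all_verdict CHAIN   (listing on stdin)
# Prints the target of the first rule in CHAIN that matches every packet
# (prot "all", any source and destination, no extra match text), recursing
# into user-defined chains; falls back to the built-in chain policy.
catch_all_verdict() {
    awk -v start="$1" '
    /^Chain / {
        chain = $2
        if ($3 == "(policy") policy[chain] = substr($4, 1, length($4) - 1)
        nrules[chain] = 0
        next
    }
    /^target/ || NF == 0 { next }
    {
        nrules[chain]++
        target[chain, nrules[chain]] = $1
        anysrc = ($4 == "anywhere" || $4 == "0.0.0.0/0")
        anydst = ($5 == "anywhere" || $5 == "0.0.0.0/0")
        # Text after the destination is a match restriction (e.g. "tcp dpt:ssh"),
        # except "reject-with", which is an option of the REJECT target.
        unrestricted = ($6 == "" || $6 == "reject-with")
        catchall[chain, nrules[chain]] = ($2 == "all" && anysrc && anydst && unrestricted)
    }
    function walk(c,   i, t, v) {
        for (i = 1; i <= nrules[c]; i++) {
            if (!catchall[c, i]) continue
            t = target[c, i]
            if (t == "LOG") continue            # non-terminating target
            if (t == "RETURN") return ""        # back to the calling chain
            if (t in nrules) {                  # jump into a user-defined chain
                v = walk(t)
                if (v != "") return v
                continue                        # it fell through; keep going
            }
            return t
        }
        return (c in policy) ? policy[c] : ""
    }
    END { print walk(start) }'
}

# verdict_in LISTING CHAIN: convenience wrapper around catch_all_verdict.
verdict_in() {
    printf '%s\n' "$1" | catch_all_verdict "$2"
}

echo "posted ruleset, INPUT:   $(verdict_in "$SAMPLE_LISTING" INPUT)"
echo "posted ruleset, FORWARD: $(verdict_in "$SAMPLE_LISTING" FORWARD)"
echo "filtered ruleset, INPUT: $(verdict_in "$FILTERED_LISTING" INPUT)"
```

On a live host pipe "iptables -L -n" into catch_all_verdict instead of the embedded strings. Two caveats before concluding a box is wide open from a listing like the one above: plain "iptables -L" omits interface matches, so a rule that really reads "-i lo -j ACCEPT" shows up as "ACCEPT all -- anywhere anywhere"; run "iptables -L -v -n" or "iptables-save" to see the in/out interface and the exact rule text. And rules are evaluated top to bottom until a terminating target matches, so a catch-all ACCEPT near the top of RH-Firewall-1-INPUT makes every rule below it irrelevant, which is the ordering point raised above.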