Fli
09-21-2013, 08:24 PM
Hello,
These are some of the ports that are open on a CentOS, OpenVZ, HyperVM node:
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
932/tcp open unknown
953/tcp open rndc - name server control utility
3306/tcp open mysql
8888/tcp open sun-answerbook
I want a control panel, so I need the ssh, http, mysql and 8888 ports.
Please, which of the remaining ports do you suggest to close / modify?
=================
Someone's advice:
- changing the SSH port number
- restricting mysql to some IPs (mine, for example)
- installing denyhosts or fail2ban
- limiting the number of connections per second on the ssh port (CSF firewall, but on OpenVZ it also blocks VPSs, so I don't recommend trying)
- allowing only sending mail out, not receiving
Here is how to disallow port connections by firewall: http://internetlifeforum.com/networking/967-how-block-allow-iptables-port/#post1482
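Added example, not part of the original post: a script that turns the scan listing above into iptables commands for review, keeping the ports the post says are needed and limiting mysql to one address. The chain name `NODE-IN` and the address `203.0.113.10` are placeholders, and it assumes every other listed port is to be closed; the commands are only printed, never executed.

```shell
#!/bin/sh
# Added example: print iptables commands derived from the scan listing.
# Nothing is executed; review the output before applying any of it.

# The scan output quoted in the post (service column shortened).
SCAN='PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
932/tcp open unknown
953/tcp open rndc
3306/tcp open mysql
8888/tcp open sun-answerbook'

KEEP_PUBLIC="22 80 8888"   # ports the post says the control panel needs
KEEP_RESTRICTED="3306"     # needed, but only from a trusted address
ADMIN_IP="203.0.113.10"    # placeholder address (documentation range)
CHAIN="NODE-IN"            # hypothetical chain name

plan_rules() {
  echo "iptables -N $CHAIN"
  # Local clients that reach services over 127.0.0.1 must keep working.
  echo "iptables -A $CHAIN -i lo -j ACCEPT"
  printf '%s\n' "$1" | while read -r spec state rest; do
    [ "$state" = "open" ] || continue        # also skips the header line
    port=${spec%/*}
    proto=${spec#*/}
    case " $KEEP_PUBLIC " in *" $port "*) continue ;; esac
    case " $KEEP_RESTRICTED " in *" $port "*)
      echo "iptables -A $CHAIN -p $proto -s $ADMIN_IP --dport $port -j ACCEPT" ;;
    esac
    echo "iptables -A $CHAIN -p $proto --dport $port -j DROP"
  done
  # Attach last, so the chain is complete before it sees traffic.
  # Only INPUT (traffic to the node itself) is touched, not FORWARD.
  echo "iptables -I INPUT 1 -j $CHAIN"
}

plan_rules "$SCAN"
```

Inbound port 25 is dropped while the OUTPUT chain is left alone, which matches the "send mail out, not receive" item; move 53 into `KEEP_PUBLIC` if the node answers DNS queries for others.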