Re: Interesting Question....

[Adam Tauno Williams <adam@xxxxxxxxxxxxxxxx>]

> I downloaded and ran a program tonight called "Nmap". This is a port
> scanner that runs on Linux as well as other platforms. I did this to see how
> well I am doing at securing the Linux box before I place it on the Internet.

Good idea.

> I've gotten about the results I was expecting, but have two questions....
> Port 640 / unknown? Does anyone happen to know what item(s) might run at
> port
> 640. I checked the /etc/services file but no luck....

The /etc/services file is sadly incomplete.

Try running netstat -p which relates open sockets to running programs (PIDS).

>
> Port 1024 / kdm? Any ideas?
>

Again, try the same thing as abice.If this is what you say it is I would expect
it to be on port 177 (XDMCP).  I have no idea what kdm uses, and I'd worry about
running either GNOME or KDE on an internet connected machines, they do lots of
wierd network connections.

>     Since I'm running ssh on my machine I have disabled ftp, Telnet, rcp,
> rlogin, etc. since I can transfer files via ssh.
>     I've also added ALL:ALL to my /etc/hosts.deny file on the suggestion of
> a howto I was reading... (Linux Security Howto) I realize I will need to edit
> my /etc/hosts.allow file so I can access my machine from work, correct?

The HOWTO is correct.  This is how to go about it.

> P.S. God willing I will have the Linux machine full time on the UPS &
> Internet soon enough.... Also, I'm taking the 20th off from work so I have no
> excuse (next to something major coming up) to prevent me from speaking about
> Webmin!
>
> I'm still looking for a good IP-CHAINS Howto file if you happen to have
> a link to one! I'm really having a lot of problems understanding it!
>

Isn't their a IP-CHAINS howto in the /usr/doc/HOWTO?  Try looking around on
LinuxWorld.COM too, they have pretty good articles.

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW.
Grand Rapids, MI. 49505