Security in Fedora 10

[cola]

Hello everybody.
Would someone please tell me how can I check the ports whether these are open or close?
Which software should I use (or the commands from terminal)?

[d3n0]

With 'netstat -l' and 'lsof -i' you get open ports.

[cola]

Quote:

Originally Posted by d3n0

With 'netstat -l' and 'lsof -i' you get open ports.

Any software that can I use?

[cola]

Can someone tell me how to use portsentry?

[bd54338rre]

Quote:

Originally Posted by cola

Can someone tell me how to use portsentry?

did some one told you how to use google?

[JohnVV]

there is nmap and a nmap gui in the repos and in the install dvd
and for the instructions on using nmap see:
http://nmap.org/

[metatron]

Quote:

Originally Posted by JohnVV

there is nmap and a nmap gui in the repos and in the install dvd
and for the instructions on using nmap see:
http://nmap.org/

There's also a new book out on Nmap called Nmap Network Scanning by Fyodor himself. I've only just started looking through it. It covers everything in the documentation that you find at the website and then some.

[cola]

Hello everybody.
Would someone please mention some useful commands for using nmap with explanation?(How to open or close ports)

[scottro]

http://linux.byexamples.com/archives...software-nmap/

This took about two minutes of googling to find.

[JohnVV]

well the docs on the nmap site are also in

Code:

man nmap

and there is " http://www.google.com/linux "
http://www.google.com/linux?hl=en&q=...al&btnG=Search

[stevea]

Whoa there ... this thread isn't answering the question

netstat -l only shows the ports *currently* open for tcp listening plus udp
lsof -i shows all open sockets including those on lo0 that we don't care abt for security.
nmap is a better since it shows both ports that are opened/closed/filtered for both tcp and udp and you can use nmap options to scan the entire port range (not the default) and only specific external interfaces.


Ultimately you want to use "iptables -L -n" to see which input rules your firewall software generated accept packets. and on which ports. The rest is interesting but has nothing to do with enforced security.

---
Actually "iptables -S INPUT" shows more of the proper details. Mine looks like this:

Quote:

-P INPUT ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 631 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 631 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 631 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited

You can all read the iptables man page as well as I, but the point is that only port 631 (ipp, cups) and also port 22 (ssh) are accessible from the outside.

[marinaccio]

I would second nmap, if you are new to it, try it with a graphical front end. Hope that helps.

[metatron]

Quote:

Originally Posted by marinaccio

I would second nmap, if you are new to it, try it with a graphical front end. Hope that helps.

I'm not trying to start a debate about this, because I know every user is different, but personally I find the gui to be crap. I found it easier to learn with a browser open to the doc page and a terminal to play around with Nmap in the CLI.

[joe.pelayo]

Try https://www.grc.com/x/ne.dll?bh0bkyd2

No need to install anything.

Thanks.
Joe.

[cola]

Thanks all for your specific replies.
It saved a lot of time from googling.

This is really a good tutorial for the beginners who are using nmap.
http://www.gnulinuxclub.org/index.ph...=350&Itemid=31

When I type zenmap or xnmap why same window appears.(naming zenmap).
And after installing nmap why cant I see an icon of it in Applications>System tools>"nmap" or in other place.
Would someone please tell?