Solved

Can you give me the consequenses of doing this ?

Posted on 2008-06-20
6
235 Views
Last Modified: 2010-04-20
What will happen if my server:

Shouldn't let to expose 25 and 5432 through the firewall.
Unblock ports 22 for ssh, 80 for http and 443 for https.
25 should be kept open for outgoing traffic only.
0
Comment
Question by:jaisonshereen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 6

Expert Comment

by:CorpComp
ID: 21835674
What does your server do?

What are you trying to achieve?

What OS are you running?
0
 

Author Comment

by:jaisonshereen
ID: 21835693
What does your server do?
I dont know. How to check
But i know there is a website hosted in apache/mogrel. And a postgres db.

What are you trying to achieve?
Figuring out my client will scold me. If i put rules in the production server.

What OS are you running?

uname -a
Linux footest 2.6.18-53.el5 #1 SMP Mon Nov 12 02:22:48 EST 2007 i686 i686 i386 GNU/Linux
0
 
LVL 40

Accepted Solution

by:
omarfarid earned 200 total points
ID: 21836088
The first lines you posted are recommendations for certain tcp ports (which are applications ports like smtp, ssh, http, https, etc) to be either denied / not allowed or allowed to pass through your firewall in order to protect your server. If you don't allow e.g. port 80 to your server then no one can reach your webserver. similarly, if you allow 23 then others from  outside your firewall can telnet to your server which could be insecure.
0
More Than Just A Video Library

Train for your certification. Learn the latest DevOps tools. Grow your skillset to do better work.

At Linux Academy, we release new training modules every week so you'll always be up to date on the latest tech.

 
LVL 7

Assisted Solution

by:dineesh
dineesh earned 200 total points
ID: 21837356
Looks like you are trying to setup a Mail server with webmail access over 80&443.

in that case you will be able just send out mails and not receive any as 25 inward is also a must for a mail server.
0
 

Author Comment

by:jaisonshereen
ID: 21838184
Mail server will send and receive mails ... all the mails will go/receive  through the port 25 that is SMTP port.

But as per your comment says need to block 25 for inward traffic. If that the case web mail will not receive any mails right?
0
 
LVL 6

Assisted Solution

by:CorpComp
CorpComp earned 100 total points
ID: 21839316
That is correct.  If you block port 25 for inward traffic, your mail server will not receive incoming email.

0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question