Solved

Can you give me the consequenses of doing this ?

Posted on 2008-06-20
6
232 Views
Last Modified: 2010-04-20
What will happen if my server:

Shouldn't let to expose 25 and 5432 through the firewall.
Unblock ports 22 for ssh, 80 for http and 443 for https.
25 should be kept open for outgoing traffic only.
0
Comment
Question by:jaisonshereen
6 Comments
 
LVL 6

Expert Comment

by:CorpComp
ID: 21835674
What does your server do?

What are you trying to achieve?

What OS are you running?
0
 

Author Comment

by:jaisonshereen
ID: 21835693
What does your server do?
I dont know. How to check
But i know there is a website hosted in apache/mogrel. And a postgres db.

What are you trying to achieve?
Figuring out my client will scold me. If i put rules in the production server.

What OS are you running?

uname -a
Linux footest 2.6.18-53.el5 #1 SMP Mon Nov 12 02:22:48 EST 2007 i686 i686 i386 GNU/Linux
0
 
LVL 40

Accepted Solution

by:
omarfarid earned 200 total points
ID: 21836088
The first lines you posted are recommendations for certain tcp ports (which are applications ports like smtp, ssh, http, https, etc) to be either denied / not allowed or allowed to pass through your firewall in order to protect your server. If you don't allow e.g. port 80 to your server then no one can reach your webserver. similarly, if you allow 23 then others from  outside your firewall can telnet to your server which could be insecure.
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 7

Assisted Solution

by:dineesh
dineesh earned 200 total points
ID: 21837356
Looks like you are trying to setup a Mail server with webmail access over 80&443.

in that case you will be able just send out mails and not receive any as 25 inward is also a must for a mail server.
0
 

Author Comment

by:jaisonshereen
ID: 21838184
Mail server will send and receive mails ... all the mails will go/receive  through the port 25 that is SMTP port.

But as per your comment says need to block 25 for inward traffic. If that the case web mail will not receive any mails right?
0
 
LVL 6

Assisted Solution

by:CorpComp
CorpComp earned 100 total points
ID: 21839316
That is correct.  If you block port 25 for inward traffic, your mail server will not receive incoming email.

0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question