Solved

What is wrong with my iptables

Posted on 2009-05-05
Last Modified: 2013-11-16
Hello

Running a fresh CentOS Linux 5 x86 install (about 10 minutes old).
I scanned my box with nmap and discovered that the ports below are open.

Can someone explain what is wrong with the iptables rules and why these ports can be probed from outside, please?

I dumped the default iptables rules which come with the fresh install. I commented out some lines, but I still cannot hide these ports.

Thank you



PORT     STATE    SERVICE VERSION
22/tcp   open     ssh
25/tcp   filtered smtp
111/tcp  open     rpcbind
|  rpcinfo:  
|  100000  2    111/udp  rpcbind  
|  100024  1    643/udp  status  
|  100000  2    111/tcp  rpcbind  
|_ 100024  1    646/tcp  status  
646/tcp  open     rpcbind
3306/tcp open     mysql   MySQL (unauthorized)

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
# all inbound and forwarded traffic is funnelled into the RH-Firewall-1-INPUT chain
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
#-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
# IPsec ESP (50) and AH (51) by protocol number
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
# 10000 is not a valid IP protocol number (the range is 0-255); iptables refuses
# this line, and iptables-restore stops at the first refused line without
# committing anything, so none of these rules reach the kernel
-A RH-Firewall-1-INPUT -p 10000 -j ACCEPT
#-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
#-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
#-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
# replies to connections this host opened, then new SSH connections
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
# everything else is answered with an ICMP host-prohibited unreachable
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

Question by: tgunduz

2 Comments
Accepted Solution

by: Blaz
ID: 24311590
change the last line to:
-A RH-Firewall-1-INPUT -j DROP

Maybe nmap  interprets a reject icmp reply as an open port for some protocols.
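As an added example (not code from the question or from the answer above): a small Python evaluator that loads the ruleset exactly as posted and traces a new inbound TCP SYN to each scanned port through INPUT and RH-Firewall-1-INPUT, then reports what an nmap SYN scan would print for that verdict. It makes two things visible. First, iptables only accepts protocol numbers 0-255, so the `-p 10000` line is refused; iptables-restore stops at the first refused line and commits nothing, so the kernel keeps whatever it had before (on a fresh boot, empty chains with ACCEPT policies, so every listening service is reachable). Second, an nmap SYN scan reports a port as `filtered` both when nothing comes back (DROP) and when it receives an ICMP host-prohibited unreachable (the REJECT rule), so swapping REJECT for DROP does not change the scan output; a port shows as `open` only when the rules actually let the SYN through to a listening service. The evaluator models only the matches this ruleset uses and raises on anything else rather than silently matching; the interface name `eth0`, the small protocol-name table and the packet representation are assumptions of this example.

```python
"""Trace a packet through the posted iptables-save dump (added example)."""

# Constructed copy of the ruleset from the question, kept verbatim, including
# the '-p 10000' line (10000 is out of range for an IP protocol number).
RULESET = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p 10000 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

PROTO_NAMES = {"tcp": 6, "udp": 17, "icmp": 1, "esp": 50, "ah": 51}  # assumed subset
TERMINAL = {"ACCEPT", "DROP", "REJECT"}


class RuleError(ValueError):
    """A line that real iptables-restore would refuse to load."""


def parse_proto(token):
    """Protocol by name or by number; as a number iptables accepts only 0-255."""
    if token in PROTO_NAMES:
        return PROTO_NAMES[token]
    if token.isdigit() and int(token) <= 255:
        return int(token)
    raise RuleError(f"unknown protocol `{token}' specified")


def parse_rule(line):
    """Parse one '-A CHAIN ...' line into (chain, rule dict)."""
    toks = line.split()
    rule = {"iface": None, "proto": None, "dport": None, "states": None,
            "target": None, "reject_with": None}
    i = 2
    while i < len(toks):
        opt, arg = toks[i], (toks[i + 1] if i + 1 < len(toks) else None)
        if opt == "-i":
            rule["iface"] = arg
        elif opt == "-p":
            rule["proto"] = parse_proto(arg)
        elif opt == "--dport":
            rule["dport"] = int(arg)
        elif opt == "--state":
            rule["states"] = set(arg.split(","))
        elif opt == "-j":
            rule["target"] = arg
        elif opt == "--reject-with":
            rule["reject_with"] = arg
        elif opt != "-m":  # '-m state' / '-m tcp' only load a match module
            raise RuleError(f"option {opt} is not modelled by this evaluator")
        i += 2
    return toks[1], rule


def parse_ruleset(text):
    """Return (policies, chains, errors). Real iptables-restore aborts at the
    first error and commits nothing, so the kernel keeps its previous rules."""
    policies, chains, errors = {}, {}, []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith(":"):                 # chain declaration with policy
            name, policy = line[1:].split()[:2]
            policies[name] = None if policy == "-" else policy
            chains.setdefault(name, [])
        elif line.startswith("-A "):
            try:
                chain, rule = parse_rule(line)
                chains.setdefault(chain, []).append(rule)
            except RuleError as e:
                errors.append(f"line {n}: {e}")
    return policies, chains, errors


def matches(rule, pkt):
    return ((rule["iface"] is None or rule["iface"] == pkt["iface"])
            and (rule["proto"] is None or rule["proto"] == pkt["proto"])
            and (rule["dport"] is None or rule["dport"] == pkt.get("dport"))
            and (rule["states"] is None or pkt["state"] in rule["states"]))


def walk(chain, chains, policies, pkt):
    """(target, reject_with) of the first terminal rule hit, else the
    built-in chain's policy; None when a user chain falls off its end."""
    for rule in chains.get(chain, []):
        if not matches(rule, pkt):
            continue
        t = rule["target"]
        if t in TERMINAL:
            return t, rule["reject_with"]
        if t in chains:                          # jump into a user-defined chain
            v = walk(t, chains, policies, pkt)
            if v is not None:
                return v
    return (policies[chain], None) if policies.get(chain) else None


def nmap_state(verdict):
    """How an nmap SYN scan reports the port (assumes a service is listening)."""
    target, reject_with = verdict
    if target == "ACCEPT":
        return "open"
    if target == "REJECT" and reject_with == "tcp-reset":
        return "closed"
    return "filtered"  # DROP, or REJECT with any ICMP unreachable type


def scan(text, ports, iface="eth0"):
    """nmap state of a new inbound TCP SYN to each port under this ruleset."""
    policies, chains, _ = parse_ruleset(text)
    return {p: nmap_state(walk("INPUT", chains, policies,
                               {"iface": iface, "proto": 6, "dport": p, "state": "NEW"}))
            for p in ports}


if __name__ == "__main__":
    ports = [22, 25, 111, 646, 3306]
    print("lines iptables-restore refuses:", parse_ruleset(RULESET)[2])
    print("as posted (REJECT):", scan(RULESET, ports))
    as_drop = RULESET.replace("-j REJECT --reject-with icmp-host-prohibited", "-j DROP")
    print("last rule as DROP: ", scan(as_drop, ports))
```

On the box itself, `iptables -L -n -v` shows the rules the kernel is enforcing right now, which is what the scan is measuring, and running `iptables-restore < /etc/sysconfig/iptables` by hand prints which line it refuses. If the loaded rules match the file and a port still shows as open from outside, check that the scan really went through an external interface and not over lo, which the first rule accepts unconditionally.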
 

Author Comment

by:tgunduz
ID: 24311764
thanks
