sunhux
asked on
iptables / OS firewall rule to block scanning on Tcp/Udp 53, Tcp2381 for PHP & Openssh Tcp22
Will creating iptables / firewall rule to permit only selected sysadmin laptops (or app servers) to
access vulnerable servers (ISC Bind on Tcp/Udp 53 & PHP Tcp2381 & Openssh's too old versions)
help to block VA scanner's detection.
To help with mitigation till we have the resource to upgrade to higher versions
access vulnerable servers (ISC Bind on Tcp/Udp 53 & PHP Tcp2381 & Openssh's too old versions)
help to block VA scanner's detection.
To help with mitigation till we have the resource to upgrade to higher versions
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Update BIND (If out of redhat support you buy it or roll over to CentOS) - old 9-series configuration will work just fine, named-checkconf -z is your friend.
PHP TCP 2381 is HP management server - upgrade it (it is called SMH) at the same time restricting access or even binding it to localhost.