Topic: Securing and closing ports on 5.1.2 install

[John Gause]

I am having some difficulty in trying to close ports and open ports for security in ipchains.

I first used the private server and gateway options which was fine but I needed the built in qmail program to act as a mail gateway for an exchange server.

Being the person that I am who is used to the /etc/sysconfig/ipchains file in a standard redhat setup. I was really mind boggled by the templates on This SME box.

Any help. I would really like to get some ports closed!!!

PS
I like the product but I really think their configuration files should be like other distributions. But any how still love the product

[Charlie Brady]

John Gause wrote:

> Any help. I would really like to get some ports closed!!!

You don't say which ones. All ports are closed to the outside world unless they are open to provide a service. So perhaps you should be disable a service or two. The packet firewall is set up using /etc/rc.d/init.d/masq which is a templated file.

Charlie

[John Gause]

Thanks for your help,

I sholuld have been more specific.

Let me explain. I originally had used the private server and gateway config which stealthed ports like 113 for IDENT port 80 port 443 and I was able to still have these services. The only port I needed open was port 25 for gateway email interception before it transfered to my exchange server.

I will try to work ot the kinks but I wish the template files were as easyu as just editing the ipchains file in /etc/sysconfig/ipchains
I am just confused with the template file to re stealth those ports

[John Gause]

Ok Found the problem and stealthed the ports

Thanks

Charlie