Differences

This shows you the differences between two versions of the page.

computer:ufw_firewall_on_debian [2010/10/28 00:01]
tdobes
computer:ufw_firewall_on_debian [2011/02/09 00:35] (current)
tdobes close flexlm default ports on emsghost too
Line 42: Line 42:
   * on emslicense (a.k.a. emsghost), we receive some strange requests from ANSYS clients on TCP port 7723.  These fill up the logs and may cause the clients to pause waiting on a response. ​ Let's explicitly close the ports instead of leaving them stealthed. -- ''​ufw reject proto tcp from 205.215.64.0/​18 to any port 7723 && ufw reject proto tcp from 69.51.160.0/​19 to any port 7723''​   * on emslicense (a.k.a. emsghost), we receive some strange requests from ANSYS clients on TCP port 7723.  These fill up the logs and may cause the clients to pause waiting on a response. ​ Let's explicitly close the ports instead of leaving them stealthed. -- ''​ufw reject proto tcp from 205.215.64.0/​18 to any port 7723 && ufw reject proto tcp from 69.51.160.0/​19 to any port 7723''​
   * On ecelicense, we keep receiving queries on the default flexlm ports (on which we aren't running servers). ​ These are coming from all over the place, so it's probably badly-designed software. ​ Let's explicitly close those ports too.  -- ''​ufw reject proto tcp from 205.215.64.0/​18 to any port 27003:27009 && ufw reject proto tcp from 69.51.160.0/​19 to any port 27003:​27009''​   * On ecelicense, we keep receiving queries on the default flexlm ports (on which we aren't running servers). ​ These are coming from all over the place, so it's probably badly-designed software. ​ Let's explicitly close those ports too.  -- ''​ufw reject proto tcp from 205.215.64.0/​18 to any port 27003:27009 && ufw reject proto tcp from 69.51.160.0/​19 to any port 27003:​27009''​
 +  * We get scanned occasionally on emsghost too... closing ports there too -- ''​ufw reject proto tcp from 205.215.64.0/​18 to any port 27002:27009 && ufw reject proto tcp from 69.51.160.0/​19 to any port 27002:​27009''​
   * ''​ufw enable''​ turns this thing on and sets it up to start on boot   * ''​ufw enable''​ turns this thing on and sets it up to start on boot
   * The rules you define seem to end up in ''/​lib/​ufw/​user.rules''​ -- this seems like a weird place to me, but whatever   * The rules you define seem to end up in ''/​lib/​ufw/​user.rules''​ -- this seems like a weird place to me, but whatever
   * ''​ufw status verbose''​ will allow you to verify that everything is running properly -- make sure that the default incoming policy is deny and the default outgoing policy is allow   * ''​ufw status verbose''​ will allow you to verify that everything is running properly -- make sure that the default incoming policy is deny and the default outgoing policy is allow
   * ''​ufw show raw''​ seems to be the only parameter for the ''​show''​ command... I even checked the source. ​ I guess that's designed that way for future expansion or something. ​ Anyway, that gives you the iptables summary of what's going on... including handy pkts/bytes data on rule usage.   * ''​ufw show raw''​ seems to be the only parameter for the ''​show''​ command... I even checked the source. ​ I guess that's designed that way for future expansion or something. ​ Anyway, that gives you the iptables summary of what's going on... including handy pkts/bytes data on rule usage.
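Review bot: the added emsghost bullet rejects ports 27002:27009, while the ecelicense bullet directly above it rejects 27003:27009, and nothing in the text explains the different lower bound. If 27002 is deliberately left out on ecelicense, say so in that bullet. Otherwise note why emsghost needs the extra port, so a later editor does not "correct" one range to match the other. The bullet also says "scanned occasionally" without naming a source, yet the rule only rejects traffic from 205.215.64.0/18 and 69.51.160.0/19. It would help to state that anything from outside those two prefixes still falls through to the default incoming policy, which the ''ufw status verbose'' bullet asks you to confirm is deny.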
computer/ufw_firewall_on_debian.txt · Last modified: 2011/02/09 00:35 by tdobes