[PREV] | [UP] | [NEXT]


Some tips


Install logcheck on your machine and finetune the config files in /etc/logchechk so that only strange messages will get through to you.


Close off the open ports that you dont want to be reachable with iptables:
# from localhost, portmap and imap etc are ok
iptables -A INPUT -s -j ACCEPT
# this is where the Disc Daemon listens
iptables -A INPUT -p tcp --dport 55 -j REJECT
# no pop3 without ssl
iptables -A INPUT -p tcp --dport 110 -j REJECT
# no portmap from outside
iptables -A INPUT -p tcp --dport 111 -j REJECT
iptables -A INPUT -p udp --dport 111 -j REJECT
# no imap without ssl
iptables -A INPUT -p tcp --dport 143 -j REJECT
# do not allow external ldap connections
iptables -A INPUT -p tcp --dport 389 -j REJECT

[PREV] | [UP] | [NEXT]