Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.gentoo.org > gentoo-server > 08 > 010185.html (Request Expert lists.gentoo.org Support)

Re: [gentoo-server] how to stop tracing

From: Andrew Gaffney <agaffney(at)gentoo.org>
Date: Wed Jan 16 2008 - 16:52:59 EST


Christopher Dale wrote: 

> widyachacra wrote:

>> Dear List friends,
>>
>> When i scan my own domain from an out side host using 'nmap' tool it shows
>> following results. How do i block this kind of tracing using linux. Please
>> help me.
>>
>> nmap tracing result,
>>
>> PORT STATE SERVICE VERSION
 >> 25/tcp open smtp netqmail smtpd 1.04
>> 53/tcp open domain
>> 80/tcp open http Apache httpd 2.2.6 ((Gentoo))
>> 110/tcp open pop3 Courier pop3d
>> 119/tcp open ssh OpenSSH 4.7 (protocol 2.0)
>> 209/tcp open tam?
>> 443/tcp open http Apache httpd 2.2.6 ((Gentoo))
>> 628/tcp open tcpwrapped
>> 993/tcp open ssl/imap Courier Imapd (released 2005)
>> 995/tcp open ssl/pop3 Courier pop3d
>>
>>
>> 
> Hi Widyachacra,
> 
> Great question and one that I have had in the past also. In a previous
> post to the gentoo mailing list, someone suggested that port knocking be
> used as a means of securing through obscurity. After looking at it
> (
http://www.portknocking.org), I've found that it's a wonderful means to
> a personal server's security when exposed to the world wide web.
> 
> All the best in your attempts to obfuscate your server's open ports! :)

Unfortunately, this *only* works when it's a private server. This is not an acceptable solution on a server accessed by the "public". 

-- 
Andrew Gaffney                                 
http://dev.gentoo.org/~agaffney/
Gentoo Linux Developer             Catalyst/Installer + x86 release coordinator
-- 
gentoo-server@lists.gentoo.org mailing list
Received on Wed Jan 16 16:53:29 2008

This archive was generated by hypermail 2.1.8 : Mon Jun 16 2008 - 17:41:21 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library