[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] port 80 closed, Firewall up and still accepted??



-----BEGIN PGP SIGNED MESSAGE-----

Hi Piet!

> FW_SERVICES_EXT_TCP="www"

That's about the same as FW_SERVICES_EXT_TCP="http". ;-)

See /etc/services:
http            80/tcp          # World Wide Web HTTP
www             80/tcp          # World Wide Web HTTP
www-http        80/tcp          # World Wide Web HTTP

So you're allowing outside access to your WWW server, whether it's
running or not.  If you want to DROP packets when Apache is not
active, you need to find a way to modify the config file (remove the
www from the line above) and reload the firewall rules.

Regards, Andy

- --
Andreas J. Mueller                            email: <andy@xxxxxxxxxx>
PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
We strongly urge you to encrypt information sent by email.  Our public
PGP key is available from http://132.176.114.28/q4408950/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (MingW32)

iQC9AwUBPbcbZ/obN5o9QdlBAQHY8gVAhKwXktrmilK5pXTiPZ38DgUhb+o0peW9
97/3ne5kJvrDCs2CexOQLNFcpWc7lBPGAKo2lV3jeJM4CNc0C3SrYwevI6TZg7oV
Q56LbXCGH/lFjIpnilmCmTgHi9kxYb6PjSguP3p+FrNAzdDdwtkGg/Fefdlw94fl
5VVQt0cd5lxY0eQHquykQgVJLPwzsktw5oH5/QVtXpicDQgFYzLPN8MuCDtNalsE
=up67
-----END PGP SIGNATURE-----


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here