
Re: [suse-security] UDP wide open?!?!?



* Mathias Homann; <admin@xxxxxxxxxx> on 30 Oct, 2002 wrote:
Hi,

here is a snippet from /etc/sysconfig/SuSEfirewall2:
[2324][Up: 1:29][Load: 1.12][root@celebrimbor:/etc]$ grep UDP sysconfig/SuSEfirewall2
FW_SERVICES_EXT_UDP="ntp auth 1052"
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_INT_UDP=""
FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp"


any hints?

Are you running a name server, FW_SERVICE_DNS="yes"? If so, that is the reason.
Also, from /etc/services:

domain          53/tcp          # Domain Name Server
domain          53/udp          # Domain Name Server
ntp             123/tcp         # Network Time Protocol
ntp             123/udp         # Network Time Protocol


So having FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp" means nothing, as
they are not >1023.
HTH
--

Togan Muftuoglu
Unofficial SuSE FAQ Maintainer
http://dinamizm.ath.cx
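
The lookup the reply does by hand, as an added example that is not part of the original message: each entry of the FW_*_UDP variables is resolved against /etc/services-format data and reported as at or below 1023 ("low") or above it ("high"). The function names are hypothetical and the embedded sample data is constructed from the lines quoted in this thread, so "auth" is reported as unresolved here.

```shell
#!/bin/sh
# Constructed sample data, copied from the lines quoted in the thread.
SERVICES_SAMPLE='domain          53/tcp          # Domain Name Server
domain          53/udp          # Domain Name Server
ntp             123/tcp         # Network Time Protocol
ntp             123/udp         # Network Time Protocol'

CONFIG_SAMPLE='FW_SERVICES_EXT_UDP="ntp auth 1052"
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_INT_UDP=""
FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp"'

# resolve_udp ENTRY: print the UDP port for a service name or numeric port.
# Returns 1 and prints nothing when the name is not in the services data.
# (Hypothetical helper; service aliases are not handled.)
resolve_udp() {
    case "$1" in
        ''|*[!0-9]*) ;;                  # not purely numeric: look it up
        *) echo "$1"; return 0 ;;        # already a port number
    esac
    printf '%s\n' "$SERVICES_SAMPLE" | awk -v n="$1" '
        { sub(/#.*/, "") }               # drop trailing comments
        $1 == n && $2 ~ /\/udp$/ { split($2, p, "/"); print p[1]; found = 1; exit }
        END { exit !found }'
}

# audit_udp: print "VARIABLE ENTRY PORT CLASS" for every FW_*_UDP entry.
audit_udp() {
    printf '%s\n' "$CONFIG_SAMPLE" | while IFS='=' read -r var val; do
        case "$var" in FW_*_UDP) ;; *) continue ;; esac
        val=${val#\"}; val=${val%\"}     # strip the surrounding quotes
        for entry in $val; do
            if port=$(resolve_udp "$entry"); then
                if [ "$port" -gt 1023 ]; then class=high; else class=low; fi
            else
                port=-; class=unresolved
            fi
            echo "$var $entry $port $class"
        done
    done
}

audit_udp
```

To run it against a live system, replace the two sample variables with the contents of /etc/services and /etc/sysconfig/SuSEfirewall2.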


