|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[suse-security] Nessus
From: Bojan Hribernik (bojan.hribernik
siol.net)
Date: Thu Feb 03 2005 - 13:57:20 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
adsl ---> switch ---> win98 (172.16.1.3) + winxp (172.16.1.2) suse (172.16.1.1
- apache+ssh) with samba network
I recently scanned my network with nessus and the results were awfull. I
scanned one of my vhosts and it look like samba ports are accessible from
internet. Is this because I'm running nessusd -D and scanning ???
I don't care about win boxes but I do care about suse box. From internet I
only want to allow http and ssh and samba from internal.
FW_QUICKMODE="no"
FW_DEV_EXT="dsl0"
FW_DEV_INT="eth0"
FW_DEV_DMZ=""
FW_ROUTE="no"
FW_MASQUERADE="no"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="0/0"
FW_PROTECT_FROM_INTERNAL="yes"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="http ssh"
FW_SERVICES_EXT_UDP=""
FW_SERVICES_EXT_IP=""
FW_SERVICES_EXT_RPC=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_DMZ_RPC=""
FW_SERVICES_INT_TCP="137:139 445 901"
FW_SERVICES_INT_UDP="137:139 445 901"
FW_SERVICES_INT_IP=""
FW_SERVICES_INT_RPC=""
FW_SERVICES_DROP_EXT=""
FW_SERVICES_REJECT_EXT="0/0,tcp,113"
FW_SERVICES_QUICK_TCP=""
FW_SERVICES_QUICK_UDP=""
FW_SERVICES_QUICK_IP=""
FW_TRUSTED_NETS="" #tried adding here instead FW_SERVICES_INT_*
--
Bojan Hribernik
http://hribb.homelinux.com/
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]