johndmiller <john at mn.mediaone.net> wrote:
>
> Second question:
> I am getting messages like :
> portmap[9271] connect from 202.105.205.141 to dump(): request from
> unauthorized host

First off, you shouldn't be running portmap unless you're in a network that uses NIS or are mounting NFS shares. Most people don't need to be running much at all in the way of network services. SSH, lpd, and sendmail are more than enough. Include identd if you use IRC.

Sendmail on modern RedHat distributions only listens to 127.0.0.1 by default. LPD needs to be trained. I think it's also worthwhile to drop connection requests to port 6000, the default X Windows port, since I usually tunnel my X applications over SSH, and am therefore usually using Unix domain sockets.

With iptables, you can do something like this to block others from connecting to open ports on your system:

  iptables -A INPUT -i eth0 -p tcp --dport printer -j REJECT \
    --reject-with tcp-reset

Replace `eth0' with appropriate device names (not `lo') and `printer' with appropriate port names or numbers. The `--reject-with tcp-reset' will prevent those ports from showing up as `filtered' with nmap.

You can drop X connections and/or set up X Windows to not listen to TCP connections. Wherever your X session starts up, add the parameter `-nolisten tcp'.

-- 
_ _ _ _ _ ___ _ _ _ ___ _ _ __ Find your aim in life,
/ \/ \(_)| ' // ._\ / - \(_)/ ./| ' /(__ before you run out of
\_||_/|_||_|_\\___/ \_-_/|_|\__\|_|_\ __) ammunition
[ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ]
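
Added example, not part of the message above: a shell function that tallies portmap "request from unauthorized host" refusals, like the one quoted in the question, by source address and RPC procedure, so you can see who is probing before and after firewalling the port. The syslog timestamp/hostname prefix, the function names and the 192.0.2.x / 198.51.100.x sample lines are assumptions constructed for the example.

```shell
#!/bin/sh
# Constructed sample input. The message text follows the line quoted in the
# post; the date/host prefix and the documentation-range addresses are assumed.
sample_log() {
cat <<'EOF'
Jun  5 03:12:44 host portmap[9271]: connect from 202.105.205.141 to dump(): request from unauthorized host
Jun  5 03:12:45 host portmap[9272]: connect from 202.105.205.141 to dump(): request from unauthorized host
Jun  5 04:40:02 host portmap[9301]: connect from 192.0.2.17 to getport(): request from unauthorized host
Jun  5 04:41:10 host sshd[811]: Accepted password for mike from 198.51.100.4 port 1022
Jun  5 05:02:31 host portmap[9340]: connect from 192.0.2.17 to dump(): request from unauthorized host
EOF
}

# portmap_refusals: read syslog lines on stdin and print "count source procedure",
# highest count first. Lines from other daemons are ignored. The colon after
# "portmap[pid]" is optional so the form quoted in the post also matches.
portmap_refusals() {
    awk '
        /portmap\[[0-9]+\]:? connect from / && /request from unauthorized host/ {
            src = ""; rpc = ""
            for (i = 2; i < NF; i++) {
                # "connect from <addr>" gives the source address
                if ($i == "from" && $(i-1) == "connect") src = $(i+1)
                # "<addr> to <procedure>():" gives the RPC procedure requested
                if ($i == "to" && $(i-1) == src) rpc = $(i+1)
            }
            sub(/\(\):$/, "", rpc)
            if (src != "" && rpc != "") count[src " " rpc]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone run over the constructed sample.
sample_log | portmap_refusals
```

On a real system, feed it the file your syslog writes daemon messages to (for example `portmap_refusals < /var/log/messages` on RedHat-style systems).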