open FW-port that should be closed
Posted: 20 Dec 2018, 12:23
Hello,
I need to ask for advice about a weird constellation:
on a directadmin-server with csf I experience that, albeit csf.conf states:
Code:
TCP_IN = "20,21,25,30,53,80,110,123,143,443,465,587,953,993,995,1935,3000:3039,3478,3479,5001,5060:5099,5222,5269,5275,5349,7443,7070,7777,10000:20000,49160:49300"
I find port 3306 (TCP) accessible from outside unless mysqld is bound to the 127.0.0.1 interface.
The same is true for rpcbind (port 111/TCP) - it should not be open according to TCP_IN but is.
That somehow works against my understanding.
My corresponding iptables rules look like this:
Code:
# iptables -L -n |grep -E :'111|3306'
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:3306
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
Anyone experienced the same? What is my misunderstanding here?
RFC
best regards
-c-
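The comparison the post makes by hand can be scripted. The following is an added example (not part of the original post and not csf code): it expands TCP_IN and lists ACCEPT rules in `iptables -L -n` output whose destination port falls outside it. The function names are hypothetical, and the sample input is constructed from the two snippets quoted in the post plus one constructed rule for port 80.

```python
import re

# Constructed sample input: the TCP_IN line and rule lines quoted in the post,
# plus one constructed ACCEPT rule for port 80 as a listed-port control.
CSF_CONF = 'TCP_IN = "20,21,25,30,53,80,110,123,143,443,465,587,953,993,995,1935,3000:3039,3478,3479,5001,5060:5099,5222,5269,5275,5349,7443,7070,7777,10000:20000,49160:49300"'
IPTABLES_OUT = """\
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:3306
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
"""

def parse_port_list(value):
    """Expand a port list such as "20,21,3000:3039" into (low, high) ranges."""
    ranges = []
    for item in value.replace(" ", "").split(","):
        if item:
            low, _, high = item.partition(":")
            ranges.append((int(low), int(high or low)))
    return ranges

def read_tcp_in(conf_text):
    """Return the port ranges from the TCP_IN = "..." line of csf.conf text."""
    m = re.search(r'^\s*TCP_IN\s*=\s*"([^"]*)"', conf_text, re.M)
    if not m:
        raise ValueError("no TCP_IN line found")
    return parse_port_list(m.group(1))

# Destination-port forms printed by `iptables -L -n`:
# "dpt:3306", "dpts:3000:3039", "multiport dports 80,443"
DPORT = re.compile(r"\b(?:dpts?:|multiport dports )(\S+)")

def unlisted_accepts(iptables_text, allowed):
    """Return (low, high, rule) for TCP ACCEPT rules not covered by `allowed`."""
    hits = []
    for line in iptables_text.splitlines():
        fields = line.split()
        # Second column is the protocol: "tcp", or its protocol number 6.
        if len(fields) < 2 or fields[0] != "ACCEPT" or fields[1] not in ("tcp", "6"):
            continue
        m = DPORT.search(line)
        for low, high in parse_port_list(m.group(1)) if m else []:
            # Conservative: a rule range must fit inside a single TCP_IN range.
            if not any(a <= low and high <= b for a, b in allowed):
                hits.append((low, high, line.strip()))
    return hits

if __name__ == "__main__":
    for low, high, rule in unlisted_accepts(IPTABLES_OUT, read_tcp_in(CSF_CONF)):
        print(f"ACCEPT outside TCP_IN: {low}-{high}: {rule}")
```

The check only compares the listing it is given against TCP_IN; it does not account for rule order or for which chain a rule belongs to.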