A Little Less Unsafe (Closing Telnet)

I use this port to play a little bit with the router, since it has a configuration board accessible. But, most of the time, I don’t use it and I don’t want anyone else to remotely use it, either.

We’re going to set a firewall rule to close communication in both directions on port 23 (telnet).

First, is the firewall enabled?

sudo ufw status

If it’s not enabled, enable it :)

sudo ufw enable

Then deny traffic in both directions on port 23, and likewise on ports 21 (FTP) and 1723 (PPTP):

sudo ufw deny in 23
sudo ufw deny out 23

sudo ufw deny in 21
sudo ufw deny out 21

sudo ufw deny in 1723
sudo ufw deny out 1723

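If you scan your machine from another host now, these ports will no longer show as open. The firewall drops the traffic, so even a service that is still bound to one of them is unreachable.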

Note that I used “deny”. You could have used “reject”, but “reject” tells someone probing that you are denying traffic, whereas “deny” just ignores requests.
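To check the rules from a second machine on your own network, and to see the deny/reject difference described above, here is a small probe (an added example, not part of the original post). The target address is a placeholder to replace with your machine's LAN address; run it from another host, because ufw's default rules accept loopback traffic.

```python
import socket
import sys

# Ports closed in the post: telnet, FTP, PPTP.
PORTS = (23, 21, 1723)


def probe(host, port, timeout=2.0):
    """Classify one TCP port as seen from the probing host.

    open        - handshake completed, a service is reachable
    refused     - an active refusal came back (closed port or "reject" rule)
    filtered    - no answer before the timeout (what "deny" looks like)
    unreachable - some other network error (no route, host down, ...)
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except (socket.timeout, TimeoutError):
            return "filtered"
        except ConnectionRefusedError:
            return "refused"
        except OSError:
            return "unreachable"


def scan(host, ports=PORTS, timeout=2.0):
    """Return {port: state} for every port in `ports`."""
    return {port: probe(host, port, timeout) for port in ports}


if __name__ == "__main__":
    # 192.0.2.10 is a documentation placeholder address, not a real host.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    results = scan(target)
    for port, state in sorted(results.items()):
        print(f"{target}:{port:<5} {state}")
    # Anything still "open" means the rule is missing or not applied.
    sys.exit(1 if "open" in results.values() else 0)
```

With the “deny” rules in place every port should report filtered; with “reject” rules they would report refused instead.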

ufw can also limit connection attempts with a “limit” rule (the maximum is 6 in 30 seconds), which is useful for making dictionary attacks harder.
