What's wrong with system-config-securitylevel?!?!?!

Support for security such as Firewalls and securing linux
Post Reply
TobiasBXL
Posts: 2
Joined: 2006/03/31 13:28:58
Contact:

What's wrong with system-config-securitylevel?!?!?!

Post by TobiasBXL » 2006/03/31 14:18:03

Hi everybody,

I'm rather new to CentOS or the Linux based OS from a major North American Linux distributor. I have a basic quesions how system-config-securitylevel works:

When I use system-config-securitylevel to setup the CentOS packet filter, I open up ports for SSH and HTTP and activate the settings.

I then do "nmap -sT -O localhost" to verify this. I can also do this from another host with the same results.

I was VERY alarmed and confused to read this output from nmap:

[code]
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2006-03-31 15:37 CEST
Insufficient responses for TCP sequencing (1), OS detection may be less accurate
Interesting ports on arkanoid.unixag-zw.fh-kl.de (127.0.0.1):
(The 1656 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
631/tcp open ipp
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.4.0 - 2.5.20, Gentoo 1.2 linux (Kernel 2.4.19-gentoo-rc5), Linux 2.4.20, Linux 2.4.20 - 2.4.22 w/grsecurity.org patch, Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)

Nmap run completed -- 1 IP address (1 host up) scanned in 2.674 seconds
[/code]

[b]What's the matter here?![/b] I didn't want to open up port 25, 11 and 631! BTW: port 80 doesn't show up since HTTPD isn't started yet.

Any ideas?

I have the slight suspicion that system-config-securitylevel isn't working correct. Bug or "feature"?

thanks,
Tobias

foxb
Posts: 1927
Joined: 2006/04/20 19:03:33
Location: Montreal/QC

Re: What's wrong with system-config-securitylevel?!?!?!

Post by foxb » 2006/05/04 17:46:48

Localhost is allways bypassing firewall

Try scanning from another computer

Post Reply

Return to “CentOS 4 - Security Support”