{"id":353,"date":"2017-10-20T14:51:09","date_gmt":"2017-10-20T14:51:09","guid":{"rendered":"http:\/\/blog.faktor0.de\/?p=353"},"modified":"2017-10-20T15:34:47","modified_gmt":"2017-10-20T15:34:47","slug":"portmap-service-sichern","status":"publish","type":"post","link":"https:\/\/blog.faktor0.de\/?p=353","title":{"rendered":"Portmap Service sichern"},"content":{"rendered":"<p>Dazu mussen die Dateien   \/etc\/hosts.allow und   \/etc\/hosts.deny<br \/>\nbearbeitet werden. Beispiel:<br \/>\n\/etc\/hosts.allow:<br \/>\n<code>portmap: 178.63.63.15,178.63.63.16<\/code><\/p>\n<p>\/etc\/hosts.deny:<br \/>\n<code>portmap: ALL<\/code><\/p>\n<p>Danach den portmap-Service neu starten:<br \/>\n<code>sudo service portmap restart<\/code><\/p>\n<p><a href=\"https:\/\/access.redhat.com\/documentation\/en-US\/Red_Hat_Enterprise_Linux\/3\/html\/Reference_Guide\/s1-tcpwrappers-access.html\">https:\/\/access.redhat.com\/documentation\/en-US\/Red_Hat_Enterprise_Linux\/3\/html\/Reference_Guide\/s1-tcpwrappers-access.html<\/a><\/p>\n<p><a href=\"https:\/\/www.yougetsignal.com\/tools\/open-ports\">https:\/\/www.yougetsignal.com\/tools\/open-ports<\/a><\/p>\n<p>Das Absichern der Ports \u00fcber iptables funktionert in vielen F\u00e4llen besser:<\/p>\n<p><font size=\"1\"><br \/>\n<code><br \/>\n#!\/bin\/sh<br \/>\n#<br \/>\n#<br \/>\n# Erste Zeile von iptables INPUT loeschen:<br \/>\n# sudo iptables -D INPUT 3<br \/>\n#<br \/>\n# iptables auflisten:<br \/>\n# sudo iptables -L -v<br \/>\n#<br \/>\n#<br \/>\n# Folgende Regeln erlauben den portmap-Dienst (port 111) nur von<br \/>\n# Rechner 178.63.63.71<br \/>\n#<br \/>\niptables -A INPUT -p udp ! -s 178.63.63.71\/24 --dport 111 -j DROP<br \/>\niptables -A INPUT -p tcp ! -s 178.63.63.71\/24 --dport 111 -j DROP<br \/>\niptables -A INPUT -p tcp -s 127.0.0.1 --dport 111 -j ACCEPT<br \/>\n<\/code><br \/>\n<\/font><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dazu mussen die Dateien \/etc\/hosts.allow und \/etc\/hosts.deny bearbeitet werden. Beispiel: \/etc\/hosts.allow: portmap: 178.63.63.15,178.63.63.16 \/etc\/hosts.deny: portmap: ALL Danach den portmap-Service neu starten: sudo service portmap restart https:\/\/access.redhat.com\/documentation\/en-US\/Red_Hat_Enterprise_Linux\/3\/html\/Reference_Guide\/s1-tcpwrappers-access.html https:\/\/www.yougetsignal.com\/tools\/open-ports Das Absichern der Ports \u00fcber iptables funktionert in vielen F\u00e4llen besser: #!\/bin\/sh # # # Erste Zeile von iptables INPUT loeschen: # sudo iptables -D INPUT 3 # [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-353","post","type-post","status-publish","format-standard","hentry","category-unix"],"_links":{"self":[{"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/posts\/353","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=353"}],"version-history":[{"count":11,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/posts\/353\/revisions"}],"predecessor-version":[{"id":364,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=\/wp\/v2\/posts\/353\/revisions\/364"}],"wp:attachment":[{"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.faktor0.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}