ispCP - Board - Support
Ports allocation for ISPCP - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: Preinstallation Questions (/forum-31.html)
+--- Thread: Ports allocation for ISPCP (/thread-5760.html)



Ports allocation for ISPCP - Nomis - 02-19-2009 01:52 AM

I have just completed Debian 4 installation and want to install ispCP on it. But before I do that I want to close all ports that are not needed.

I want the system to preform the following tasks.
Host Domains
Send and receive mail to these domains.
Allow the user to update his domain via FTP
Have remote access to there mail via a web interface
Load Spam Assassin and Anti virus.

So where can I get a list of ports that ispCP uses to perform these task's so that all unnecessary ports can be closed to prevent the system from attacks.

Thanking you in advance for your assistance.


RE: Ports allocation for ISPCP - rbtux - 02-19-2009 03:15 AM

on linux only ports actually services runs on are open for the world...

so you won't need to "close" any ports...


RE: Ports allocation for ISPCP - Nomis - 02-19-2009 02:29 PM

Thanks for the update, so can I get a list of the services then please.


RE: Ports allocation for ISPCP - BeNe - 02-19-2009 04:38 PM

Port 21 (FTP)
Port 25 (SMTP)
Port 53 (DNS)
Port 80 for Apache (SSL 443 if needed)
Port 110 (POP3)
Port 143 (IMAP)
465 (SMTPs)
993 (IMAPs)
995 (POP3s)

Rest should be bind to localhost and not to your IP.

Greez BeNe


RE: Ports allocation for ISPCP - RodNoc - 02-19-2009 06:11 PM

(02-19-2009 04:38 PM)BeNe Wrote:  Port 21 (FTP)
Port 25 (SMTP)
Port 53 (DNS)
Port 80 for Apache (SSL 443 if needed)
Port 110 (POP3)
Port 143 (IMAP)
465 (SMTPs)
993 (IMAPs)
995 (POP3s)

Rest should be bind to localhost and not to your IP.

Greez BeNe


FTP has 2 ports: 20 and 21 (Data and Control)
And don't close your SSH-Port (22), because you need it to administrate your Server Wink
And you also need the high-ports for the connections, because of the dynamic ports (Correct me, if this is wrong)

Regards
Dom


RE: Ports allocation for ISPCP - BeNe - 02-19-2009 06:48 PM

Quote:FTP has 2 ports: 20 and 21 (Data and Control)
Right, i missed that point before - sorry!
Quote:And don't close your SSH-Port (22), because you need it to administrate your Server
Best would be if you move SSH to an other Port and close 22.
So you are not a victim of the default scans.
Quote:And you also need the high-ports for the connections, because of the dynamic ports (Correct me, if this is wrong)
Yeah, Proftpd use such Ports. You can set a range for the passive Ports in the Config and also open them in your FW Rule.

Greez BeNe


RE: Ports allocation for ISPCP - RodNoc - 02-19-2009 06:54 PM

(02-19-2009 06:48 PM)BeNe Wrote:  Best would be if you move SSH to an other Port and close 22.

No best would be, if he uses openVPN and only open the VPN-Port for outside and SSH for his openVPN-IP Wink


RE: Ports allocation for ISPCP - BeNe - 02-19-2009 06:58 PM

I know! Use use exactly this Version on my Server Wink
But if a Member ask me about what Ports ispCP needs, i´m not really sure if the knowlegde is enough for such a solution. So in his case the Port change is more simple and he does a little bit for the Servers securtiy.

Greez BeNe


RE: Ports allocation for ISPCP - Nomis - 02-19-2009 11:37 PM

Thanks guys.

This give me a great foundation to start from. Moving from Windows world to Linux so need all the help I can get.


And again many thanks