View Single Post
  #16  
Old 6th August 2009, 16:44
rlischer rlischer is offline
Senior Member
 
Join Date: Jul 2009
Posts: 121
Thanks: 6
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by gscott187 View Post
So fail2ban appears to be working - good.

The iptables output shown is the default filter. This needs to be configured for your requirements. One of the things I advise you change are the default policy for INPUT and FORWARD chains from ACCEPT to DROP.

I've sent a HowTo on SquirrelMail and fail2ban to Falko that will be published here in the next few days (once it's been vetted). So if you're interested in setting up SquirrelMail with fail2ban be sure to read that. There's a few gotchas that can catch people out setting this one up.

As far as inbound ports/services to open, it all depends on what you intend running. For example:

Web - port 80 (http)
Secure Web - port 443 (https)
Plain text email - port 25, 110, 143 (smtp, POP3, IMAP4)
File transfer - port 20, 21 (ftp)
Secure Shell - port 22 (ssh)

There are several others but be very conservative and ask yourself what you REALLY need open.
Thanks! I will be watching for your howto.
Reply With Quote