Skip to Content
Mastering Linux Security and Hardening - Second Edition
book

Mastering Linux Security and Hardening - Second Edition

by Donald A. Tevault
February 2020
Intermediate to advanced
666 pages
15h 45m
English
Packt Publishing
Content preview from Mastering Linux Security and Hardening - Second Edition

Protecting network ports

Each network daemon that's running on your system has a specific network port or set of network ports assigned to it, on which it will listen. The /etc/services file contains a list of common daemons and their associated network ports, but it doesn't prevent someone from configuring a daemon to listen on some non-standard port. So, without some mechanism to prevent it, some sneaky intruder could potentially plant some sort of malware that would cause a daemon to listen on a non-standard port, possibly listening for commands from its master.

SELinux protects against this sort of malicious activity by only allowing daemons to listen on certain ports. Use semanage to look at the list of allowed ports:

[donnie@localhost ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Mastering Linux Security and Hardening - Third Edition

Mastering Linux Security and Hardening - Third Edition

Donald A. Tevault
Linux Basics for Hackers
Mastering Windows Security and Hardening - Second Edition
UNIX and Linux System Administration Handbook, 5th Edition

UNIX and Linux System Administration Handbook, 5th Edition

Trent R. Hein, Evi Nemeth, Garth Snyder, Ben Whaley, Dan Mackin

Publisher Resources

ISBN: 9781838981778Supplemental Content