CHAPTER |
|
7 |
Networks, Firewalls, and More |
WHEN YOU HAVE A NETWORK SERVICE INSTALLED, you allow other systems to connect to you. If you use common services like Web servers, SSH servers, and file-sharing servers, you are guaranteed to have specific ports open. When you connect to a Web server, for example, there is an expectation that it will be listening on port 80. You can certainly have your Web server listening on a different port, but that makes it harder for users to connect to you. The obscurity you introduce by moving to a different port is likely to have a minimal impact on whether an attacker finds your service or not. Obscurity is the hiding of information. Sometimes this means placing it in nonstandard locations.
Some services ...
Get Security Strategies in Linux Platforms and Applications, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
