The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

KISS / Cpanel ports

Discussion in 'General Discussion' started by jamesbond, Nov 16, 2002.

  1. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I'm thinking of installing the KISS iptables script.
    http://www.geocities.com/steve93138/

    Has anyone else used that script in combination with CPanel?


    I compiled this list of ports that need to be open (from posts on this forum)
    Looks complete to me, but suggestions are always welcome :p

    21 ---& FTP ---& TCP
    22 ---& SSH ---& TCP
    25 ---& SMTP ---& TCP
    53 ---& DNS ---& TCP & UDP
    80 ---& HTTP ---& TCP
    110 ---& POP3 ---& TCP
    143 ---& IMAP ---& TCP
    443 ---& HTTPs ---& TCP
    465 ---& sSMTP ---& TCP
    993 ---& sIMAP ---& TCP
    995 ---& sPOP3 ---& TCP
    2082 ---& Cpanel ---& TCP
    2083 ---& secure Cpanel
    2086 ---& WHM ---& TCP
    2087 ---& secure WHM
    2095 ---& WebMail ---& TCP
    2096 ---& secure WebMail
    3306 ---& MySQL ---& TCP
    6666 ---& Melange ---& TCP
    7786 ---& Ichange ---& TCP
     
  2. netarus

    netarus Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    105
    Likes Received:
    0
    Trophy Points:
    16
    Any recommendations on installing iptables and removing ipchains. I've found ipchains useful, however, iptables seem to be a lot more solid app.

    We're using RH 7.3
     
  3. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I noticed Portsentry is running on my CPanel server by default and monitoring only port 1 and 111 (TCP)

    # Use these if you just want to be aware:
    TCP_PORTS=&1,111&
    UDP_PORTS=&&
    #

    Is there any reason why only 2 ports are being monitored by default?
     
  4. auyongtc

    auyongtc Member

    Joined:
    Aug 13, 2001
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    I tried the script (added the ports that a cpanel box would need to survive) and guess what?

    I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...

    Any idea what happened?
     
  5. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    [quote:8300e6f900][i:8300e6f900]Originally posted by auyongtc[/i:8300e6f900]

    I tried the script (added the ports that a cpanel box would need to survive) and guess what?

    I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...

    Any idea what happened?[/quote:8300e6f900]

    You probably forgot to configure some parts of the script, did you read through it all and added your ip's and additional ports to be open ?

    # There are only 5 variables that need configuring.

    They are:
    # 1. SERVER_IPS
    # 2. SUBNET_BASE
    # 3. SUBNET_BROADCAST
    # 4. BLOCK_LIST
    # 5. ADDITIONAL_PORTS
     
Loading...

Share This Page