jamesbond

Well-Known Member
Oct 9, 2002
I'm thinking of installing the KISS iptables script.
http://www.geocities.com/steve93138/

Has anyone else used that script in combination with CPanel?


I compiled this list of ports that need to be open (from posts on this forum)
Looks complete to me, but suggestions are always welcome :p

21 -> FTP -> TCP
22 -> SSH -> TCP
25 -> SMTP -> TCP
53 -> DNS -> TCP & UDP
80 -> HTTP -> TCP
110 -> POP3 -> TCP
143 -> IMAP -> TCP
443 -> HTTPs -> TCP
465 -> sSMTP -> TCP
993 -> sIMAP -> TCP
995 -> sPOP3 -> TCP
2082 -> Cpanel -> TCP
2083 -> secure Cpanel
2086 -> WHM -> TCP
2087 -> secure WHM
2095 -> WebMail -> TCP
2096 -> secure WebMail
3306 -> MySQL -> TCP
6666 -> Melange -> TCP
7786 -> Ichange -> TCP
 

netarus

Well-Known Member
Oct 27, 2002
Any recommendations on installing iptables and removing ipchains? I've found ipchains useful; however, iptables seems to be a much more solid app.

We're using RH 7.3
 

jamesbond

Well-Known Member
Oct 9, 2002
I noticed Portsentry is running on my CPanel server by default and monitoring only ports 1 and 111 (TCP):

# Use these if you just want to be aware:
TCP_PORTS="1,111"
UDP_PORTS=""
#

Is there any reason why only 2 ports are being monitored by default?
 

auyongtc

Member
Aug 13, 2001
I tried the script (added the ports that a cpanel box would need to survive) and guess what?

I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...

Any idea what happened?
 

jamesbond

Well-Known Member
Oct 9, 2002
> Originally posted by auyongtc
>
> I tried the script (added the ports that a cpanel box would need to survive) and guess what?
>
> I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...
>
> Any idea what happened?

You probably forgot to configure some parts of the script. Did you read through it all and add your IPs and the additional ports to be opened?

# There are only 5 variables that need configuring.

They are:
# 1. SERVER_IPS
# 2. SUBNET_BASE
# 3. SUBNET_BROADCAST
# 4. BLOCK_LIST
# 5. ADDITIONAL_PORTS
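The two things that bit auyongtc above, a rule set applied with no accept for existing connections and no way back if a new login fails, can both be handled in the script itself. The following is an added example, not the KISS script and not cPanel's code: it turns the port list from the first post into an iptables INPUT policy, accepts loopback and ESTABLISHED,RELATED traffic before anything can be dropped, and arms a timed rollback so that a mistake reverts on its own instead of needing a reboot from the DC. `ADMIN_IP` is an assumed placeholder (a TEST-NET-1 address); one deliberate departure from the posted list is that 3306 (MySQL) is opened only to `ADMIN_IP`, not to the world.

```shell
#!/bin/sh
# Added example: iptables INPUT policy for the cPanel port list in this thread,
# with the two lockout guards missing from a bare port list: an early
# ESTABLISHED,RELATED accept and a timed rollback.
# ADMIN_IP is an assumed placeholder (TEST-NET-1); set it to your own address.

ADMIN_IP="${ADMIN_IP:-192.0.2.10}"

# Ports from the thread that are open to everyone.
PUBLIC_TCP="21 22 25 53 80 110 143 443 465 993 995 2082 2083 2086 2087 2095 2096 6666 7786"
PUBLIC_UDP="53"
# 3306 is in the posted list too, but MySQL is restricted to ADMIN_IP here
# rather than exposed to the world (a deliberate change from the posted list).
ADMIN_ONLY_TCP="3306"

# Print (do not run) the rules. Order is the whole point: loopback and
# existing connections are accepted before the DROP policy is set, so the
# SSH session that runs this script survives the change.
build_rules() {
    echo "iptables -F INPUT"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # The admin address keeps SSH even if the public rule below is later removed.
    echo "iptables -A INPUT -p tcp -s $ADMIN_IP --dport 22 -j ACCEPT"
    for p in $PUBLIC_TCP; do
        echo "iptables -A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    for p in $PUBLIC_UDP; do
        echo "iptables -A INPUT -p udp --dport $p -j ACCEPT"
    done
    for p in $ADMIN_ONLY_TCP; do
        echo "iptables -A INPUT -p tcp -s $ADMIN_IP --dport $p -j ACCEPT"
    done
    # Default deny goes last, after every accept rule is in place.
    echo "iptables -P INPUT DROP"
}

# Print the commands that put the box back to accept-all.
rollback_rules() {
    echo "iptables -P INPUT ACCEPT"
    echo "iptables -F INPUT"
}

# port_allowed PROTO PORT: exit 0 if the generated rules accept that port.
port_allowed() {
    build_rules | grep -q -- "-p $1 .*--dport $2 -"
}

# Only touch the live firewall when explicitly asked (APPLY=1). The rollback
# is armed first: if you cannot open a fresh SSH session within ROLLBACK_SECS,
# the policy reverts by itself. Kill the background job (its PID is printed)
# once you have confirmed that a new login works.
if [ "${APPLY:-0}" = "1" ]; then
    ROLLBACK_SECS="${ROLLBACK_SECS:-300}"
    ( sleep "$ROLLBACK_SECS" && rollback_rules | sh ) &
    echo "rollback armed, pid $! (kill it after confirming a fresh login works)"
    build_rules | sh
fi
```

Run it without `APPLY=1` first and read the output of `build_rules`; only apply once the order looks right, and test access from a second terminal before killing the rollback job. The `-m state` match is what the 2.4-era kernels of RH 7.3 shipped; on current kernels `-m conntrack --ctstate` is the preferred spelling of the same check.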