View previous topic :: View next topic |
Author |
Message |
DLashley -
Joined: 18 Dec 2002 Posts: 207 Location: New York, NY
|
Posted: Tue Dec 24, 2002 6:08 am Post subject: Questions re: Console Port # |
|
|
1. Is it better to leave Abyss's Console Port number set to the default (9999), or to change it to another number? Is it a security problem if you don't?
2. If you should change the port number, is there a range of port numbers you should stay away from?
3. Which option is better for security: auto detect, or manually entering a port number for the console (does it matter at all)?
4. If the port number my server is running on can be detected by someone on the Internet (using a portscanner), am I in big trouble? Can this server run in "stealth mode"?
Sorry for all the dumb, newbie questions. I'd rather be safe than sorry.
P.S. I'm using Sygate Personal Firewall Pro 5.0 _________________ DLashley |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Thu Dec 26, 2002 1:02 am Post subject: Re: Questions re: Console Port # |
|
|
DLashley wrote: | 1. Is it better to leave Abyss's Console Port number set to the default (9999), or to change it to another number? Is it a security problem if you don't?
|
As Abyss Web Server gets known, more people will try to include port 9999 in their list of "hackable" ports. So, we recommend choosing another value just to avoid loosing your bandwidth while the server is rejecting these attacks. It isn't really a security problem. The console access is restricted only to the person who can give a correct login/password pair.
DLashley wrote: |
2. If you should change the port number, is there a range of port numbers you should stay away from?
|
Stay away from values lower than 1024 as these are usually reserved for wome well known services (21 for FTP, 110 for POP3, etc.) You can use any value between 1024 and 65535.
DLashley wrote: |
3. Which option is better for security: auto detect, or manually entering a port number for the console (does it matter at all)?
|
The security is the same with both. Autodetect will only help you find the next available port starting from a given port number. If you know what you do, just enter the number you want.
DLashley wrote: |
4. If the port number my server is running on can be detected by someone on the Internet (using a portscanner), am I in big trouble? Can this server run in "stealth mode"?
|
A web server is by definition required to be available to the outside world (unless you use it for internal purposes.) So being detected is not really an issue, it is rather a feature. You should enable the "stealth mode" to make it reachable from outside. But if you don't want, you can disable this. That way, your server is only available locally.
Hope this helps :D _________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
Guest
|
Posted: Thu Dec 26, 2002 7:18 pm Post subject: |
|
|
It helped quite a bit. Thank you very much for your clear and concise answers. :-) |
|
Back to top |
|
|
Guest
|
Posted: Thu Dec 26, 2002 7:21 pm Post subject: |
|
|
Anonymous wrote: | It helped quite a bit. Thank you very much for your clear and concise answers. :-) |
I only asked about port numbers because I did a series of scans over at Sygate's site to check for security leaks. Everything else was either stealthed or blocked, except the scanner was able to detect that I was running a server. I didn't know if that was good or bad. I just didn't want to have to find out the hard way that it wasn't good. lol. |
|
Back to top |
|
|
DLashley -
Joined: 18 Dec 2002 Posts: 207 Location: New York, NY
|
Posted: Thu Dec 26, 2002 7:27 pm Post subject: |
|
|
Oops, I wasn't logged in. Sorry. :lol:
I tried to delete the extra accidental posts, but couldn't. _________________ DLashley
Last edited by DLashley on Thu Dec 26, 2002 7:32 pm; edited 1 time in total |
|
Back to top |
|
|
DLashley -
Joined: 18 Dec 2002 Posts: 207 Location: New York, NY
|
Posted: Thu Dec 26, 2002 7:30 pm Post subject: |
|
|
Anonymous wrote: | Anonymous wrote: | It helped quite a bit. Thank you very much for your clear and concise answers. :-) |
I only asked about the port numbers because I did a series of scans over at Sygate's site to check for security leaks. Everything else was either stealthed or blocked, except the scanner was able to detect that I was running a service. I didn't know if that was good or bad. I just didn't want to have to find out the hard way that it wasn't good. lol. |
_________________ DLashley |
|
Back to top |
|
|
|