Dear friends, I wish to hide all of the unnecessary ports on my linux ispconfig machine.What is your suggestion? iptables ? or using internal facilities in ISPConfig package? or maybe a third solution? Thank you
I recommend to use the ISPConfig firewall. It is an IPTables firewall, based on the bastille-firewall scripts.
If you run the server at home and using a router, just enable 80, 81, 22, 25, 110, 53, 143, and any other port you want people outside to access. I personally use APF and BFD along with administrator common sense . If you have the ability to drop the IP of people port scanning, i suggest you do it first from the router and use linux iptables to do the rest.