Guest User

Untitled

a guest
Jul 15th, 2019
194
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. root@zelkoa:/home/bagou450# cat htf_report.txt | more
  2.  
  3. ##### SERVER #####
  4. IP-address (as per hostname): ***.***.***.***
  5. [WARN] could not determine server's ip address by ifconfig
  6. [INFO] ISPConfig is installed.
  7.  
  8. ##### ISPCONFIG #####
  9. ISPConfig version is 3.1.14p1
  10.  
  11.  
  12. ##### VERSION CHECK #####
  13.  
  14. [INFO] php (cli) version is 7.2.19-0ubuntu***.***.***.***
  15.  
  16. ##### PORT CHECK #####
  17.  
  18. [WARN] Port 465 (SMTP server SSL) seems NOT to be listening
  19.  
  20. ##### MAIL SERVER CHECK #####
  21.  
  22. [WARN] I found no "submission" entry in your postfix master.cf
  23. [INFO] this is not critical, but if you want to offer port 587 for smtp connecti
  24. ons you have to enable this.
  25. [WARN] I found no "smtps" entry in your postfix master.cf
  26. [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) con
  27. nections you have to enable this.
  28.  
  29. ##### RUNNING SERVER PROCESSES #####
  30.  
  31. [INFO] I found the following web server(s):
  32. Apache 2 (PID 3022)
  33. [INFO] I found the following mail server(s):
  34. Postfix (PID 1943)
  35. [INFO] I found the following pop3 server(s):
  36. Dovecot (PID 1383)
  37. [INFO] I found the following imap server(s):
  38. Dovecot (PID 1383)
  39. [INFO] I found the following ftp server(s):
  40. PureFTP (PID 4507)
  41.  
  42. ##### LISTENING PORTS #####
  43. (only ()
  44. Local (Address)
  45. [anywhere]:110 (1383/dovecot)
  46. [anywhere]:143 (1383/dovecot)
  47. [anywhere]:21 (4507/pure-ftpd)
  48. ***.***.***.***:53 (1210/named)
  49. [localhost]:53 (1210/named)
  50. ***.***.***.***:53 (908/systemd-resolve)
  51. [anywhere]:22 (1402/sshd)
  52. [anywhere]:25 (1943/master)
  53. [localhost]:953 (1210/named)
  54. [anywhere]:993 (1383/dovecot)
  55. [anywhere]:995 (1383/dovecot)
  56. [localhost]:10023 (1880/postgrey)
  57. [localhost]:10024 (2021/amavisd-new)
  58. [localhost]:10025 (1943/master)
  59. [localhost]:10026 (2021/amavisd-new)
  60. [localhost]:3306 (1578/mysqld)
  61. [localhost]:10027 (1943/master)
  62. [localhost]:11211 (1315/memcached)
  63. [localhost]10 (1383/dovecot)
  64. [localhost]43 (1383/dovecot)
  65. *:*:*:*::*:8080 (3022/apache2)
  66. *:*:*:*::*:80 (3022/apache2)
  67. *:*:*:*::*:8081 (3022/apache2)
  68. *:*:*:*::*:21 (4507/pure-ftpd)
  69. *:*:*:*::*:53 (1210/named)
  70. *:*:*:*::*:22 (1402/sshd)
  71. *:*:*:*::*:25 (1943/master)
  72. *:*:*:*::*:953 (1210/named)
  73. *:*:*:*::*:443 (3022/apache2)
  74. *:*:*:*::*:993 (1383/dovecot)
  75. *:*:*:*::*:995 (1383/dovecot)
  76. *:*:*:*::*:10023 (1880/postgrey)
  77. *:*:*:*::*:10024 (2021/amavisd-new)
  78. *:*:*:*::*:10026 (2021/amavisd-new)
  79.  
  80.  
  81.  
  82.  
  83. ##### IPTABLES #####
  84. Chain INPUT (policy DROP)
  85. target prot opt source destination
  86. f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dp
  87. orts 22
  88. ufw-before-logging-input all -- [anywhere]/0 [anywhere]/0
  89.  
  90. ufw-before-input all -- [anywhere]/0 [anywhere]/0
  91. ufw-after-input all -- [anywhere]/0 [anywhere]/0
  92. ufw-after-logging-input all -- [anywhere]/0 [anywhere]/0
  93.  
  94. ufw-reject-input all -- [anywhere]/0 [anywhere]/0
  95. ufw-track-input all -- [anywhere]/0 [anywhere]/0
  96.  
  97. Chain FORWARD (policy DROP)
  98. target prot opt source destination
  99. ufw-before-logging-forward all -- [anywhere]/0 [anywhere]/0
  100.  
  101. ufw-before-forward all -- [anywhere]/0 [anywhere]/0
  102. ufw-after-forward all -- [anywhere]/0 [anywhere]/0
  103. ufw-after-logging-forward all -- [anywhere]/0 [anywhere]/0
  104.  
  105. ufw-reject-forward all -- [anywhere]/0 [anywhere]/0
  106. ufw-track-forward all -- [anywhere]/0 [anywhere]/0
  107.  
  108. Chain OUTPUT (policy ACCEPT)
  109. target prot opt source destination
  110. ufw-before-logging-output all -- [anywhere]/0 [anywhere]/0
  111.  
  112. ufw-before-output all -- [anywhere]/0 [anywhere]/0
  113. ufw-after-output all -- [anywhere]/0 [anywhere]/0
  114. ufw-after-logging-output all -- [anywhere]/0 [anywhere]/0
  115.  
  116. ufw-reject-output all -- [anywhere]/0 [anywhere]/0
  117. ufw-track-output all -- [anywhere]/0 [anywhere]/0
  118.  
  119. Chain f2b-sshd (1 references)
  120. target prot opt source destination
  121. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with ic
  122. mp-port-unreachable
  123. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with
  124. icmp-port-unreachable
  125. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with i
  126. cmp-port-unreachable
  127. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with i
  128. cmp-port-unreachable
  129. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with i
  130. cmp-port-unreachable
  131. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with ic
  132. mp-port-unreachable
  133. REJECT all -- ***.***.***.*** [anywhere]/0 reject-with i
  134. cmp-port-unreachable
  135. RETURN all -- [anywhere]/0 [anywhere]/0
  136.  
  137. Chain ufw-after-forward (1 references)
  138. target prot opt source destination
  139.  
  140. Chain ufw-after-input (1 references)
  141. target prot opt source destination
  142. ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0
  143. udp dpt:137
  144. ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0
  145. udp dpt:138
  146. ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0
  147. tcp dpt:139
  148. ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0
  149. tcp dpt:445
  150. ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0
  151. udp dpt:67
  152. ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0
  153. udp dpt:68
  154. ufw-skip-to-policy-input all -- [anywhere]/0 [anywhere]/0
  155. ADDRTYPE match dst-type BROADCAST
  156.  
  157. Chain ufw-after-logging-forward (1 references)
  158. target prot opt source destination
  159. LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3
  160. /min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  161.  
  162. Chain ufw-after-logging-input (1 references)
  163. target prot opt source destination
  164. LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3
  165. /min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  166.  
  167. Chain ufw-after-logging-output (1 references)
  168. target prot opt source destination
  169.  
  170. Chain ufw-after-output (1 references)
  171. target prot opt source destination
  172.  
  173. Chain ufw-before-forward (1 references)
  174. target prot opt source destination
  175. ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELA
  176. TED,ESTABLISHED
  177. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3
  178. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11
  179. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12
  180. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8
  181. ufw-user-forward all -- [anywhere]/0 [anywhere]/0
  182.  
  183. Chain ufw-before-input (1 references)
  184. target prot opt source destination
  185. ACCEPT all -- [anywhere]/0 [anywhere]/0
  186. ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELA
  187. TED,ESTABLISHED
  188. ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 ctsta
  189. te INVALID
  190. DROP all -- [anywhere]/0 [anywhere]/0 ctstate INVA
  191. LID
  192. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3
  193. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11
  194. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12
  195. ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8
  196. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp spt:67 d
  197. pt:68
  198. ufw-not-local all -- [anywhere]/0 [anywhere]/0
  199. ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:535
  200. 3
  201. ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:1900
  202. ufw-user-input all -- [anywhere]/0 [anywhere]/0
  203.  
  204. Chain ufw-before-logging-forward (1 references)
  205. target prot opt source destination
  206.  
  207. Chain ufw-before-logging-input (1 references)
  208. target prot opt source destination
  209.  
  210. Chain ufw-before-logging-output (1 references)
  211. target prot opt source destination
  212.  
  213. Chain ufw-before-output (1 references)
  214. target prot opt source destination
  215. ACCEPT all -- [anywhere]/0 [anywhere]/0
  216. ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELA
  217. TED,ESTABLISHED
  218. ufw-user-output all -- [anywhere]/0 [anywhere]/0
  219.  
  220. Chain ufw-logging-allow (0 references)
  221. target prot opt source destination
  222. LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3
  223. /min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
  224.  
  225. Chain ufw-logging-deny (2 references)
  226. target prot opt source destination
  227. RETURN all -- [anywhere]/0 [anywhere]/0 ctstate INVA
  228. LID limit: avg 3/min burst 10
  229. LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3
  230. /min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  231.  
  232. Chain ufw-not-local (1 references)
  233. target prot opt source destination
  234. RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE mat
  235. ch dst-type LOCAL
  236. RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE mat
  237. ch dst-type MULTICAST
  238. RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE mat
  239. ch dst-type BROADCAST
  240. ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 limit
  241. : avg 3/min burst 10
  242. DROP all -- [anywhere]/0 [anywhere]/0
  243.  
  244. Chain ufw-reject-forward (1 references)
  245. target prot opt source destination
  246.  
  247. Chain ufw-reject-input (1 references)
  248. target prot opt source destination
  249.  
  250. Chain ufw-reject-output (1 references)
  251. target prot opt source destination
  252.  
  253. Chain ufw-skip-to-policy-forward (0 references)
  254. target prot opt source destination
  255. DROP all -- [anywhere]/0 [anywhere]/0
  256.  
  257. Chain ufw-skip-to-policy-input (7 references)
  258. target prot opt source destination
  259. DROP all -- [anywhere]/0 [anywhere]/0
  260.  
  261. Chain ufw-skip-to-policy-output (0 references)
  262. target prot opt source destination
  263. ACCEPT all -- [anywhere]/0 [anywhere]/0
  264.  
  265. Chain ufw-track-forward (1 references)
  266. target prot opt source destination
  267.  
  268. Chain ufw-track-input (1 references)
  269. target prot opt source destination
  270.  
  271. Chain ufw-track-output (1 references)
  272. target prot opt source destination
  273. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 ctstate NEW
  274. ACCEPT udp -- [anywhere]/0 [anywhere]/0 ctstate NEW
  275.  
  276. Chain ufw-user-forward (1 references)
  277. target prot opt source destination
  278.  
  279. Chain ufw-user-input (1 references)
  280. target prot opt source destination
  281. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:20
  282. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:21
  283. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22
  284. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25
  285. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:53
  286. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80
  287. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:110
  288. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:143
  289. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443
  290. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:465
  291. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:587
  292. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993
  293. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:995
  294. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:3306
  295. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080
  296. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8081
  297. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:1000
  298. 0
  299. ACCEPT tcp -- [anywhere]/0 [anywhere]/0 multiport dp
  300. orts 40110:40210
  301. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:53
  302. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:3306
  303. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:20
  304. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:21
  305. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:22
  306. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:25
  307. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:80
  308. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:110
  309. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:143
  310. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:443
  311. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:465
  312. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:587
  313. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:993
  314. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:995
  315. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:8080
  316. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:8081
  317. ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:1000
  318. 0
  319. ACCEPT udp -- [anywhere]/0 [anywhere]/0 multiport dp
  320. orts 40110:40210
  321.  
  322. Chain ufw-user-limit (0 references)
  323. target prot opt source destination
  324. LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3
  325. /min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
  326. REJECT all -- [anywhere]/0 [anywhere]/0 reject-with
  327. icmp-port-unreachable
  328.  
  329. Chain ufw-user-limit-accept (0 references)
  330. target prot opt source destination
  331. ACCEPT all -- [anywhere]/0 [anywhere]/0
  332.  
  333. Chain ufw-user-logging-forward (0 references)
  334. target prot opt source destination
  335.  
  336. Chain ufw-user-logging-input (0 references)
  337. target prot opt source destination
  338.  
  339. Chain ufw-user-logging-output (0 references)
  340. target prot opt source destination
  341.  
  342. Chain ufw-user-output (1 references)
  343. target prot opt source destination
RAW Paste Data