Red Hat ENTERPRISE LINUX 3 - INSTALLATION GUIDE FOR X86-ITANIUMTM-AMD64 AND INTEL EXTENDED MEMORY 64 TECHNOLO Installation Manual page 57

Chapter 4. Installing Red Hat Enterprise Linux
Enabling WWW (HTTP) does not open a port for HTTPS. To enable HTTPS, specify it in the
Other ports field.
FTP
The FTP protocol is used to transfer files between machines on a network. If you plan on making
your FTP server publicly available, enable this option. You must install the
this option to be useful.
SSH
Secure SHell (SSH) is a suite of tools for logging in to and executing commands on a remote
machine. If you plan to use SSH tools to access your machine through a firewall, enable this op-
tion. You need to have the
remotely, using SSH tools.
Telnet
Telnet is a protocol for logging in to remote machines. Telnet communications are unencrypted
and provide no security from network snooping. Allowing incoming Telnet access is not recom-
mended. To allow inbound Telnet access, you must install the
Mail (SMTP)
If you want to allow incoming mail delivery through your firewall, so that remote hosts can
connect directly to your machine to deliver mail, enable this option. You do not need to enable
this if you collect your mail from your ISP's server using POP3 or IMAP, or if you use a tool such
as . Note that an improperly configured SMTP server can allow remote machines to
fetchmail
use your server to send spam.
You can allow access to ports which are not listed here by listing them in the Other ports field. Use
the following format: port:protocol. For example, if you want to allow IMAP access through
your firewall, you can specify imap:tcp. You can also explicitly specify numeric ports; to allow
UDP packets on port 1234 through the firewall, enter 1234:udp. To specify multiple ports, separate
them with commas.
Finally, select any devices should allow access to your system for all traffic from that device.
Selecting any of these trusted devices excludes them from the firewall rules. For example, if you are
running a local network, but are connected to the Internet via a PPP dialup, you can check eth0 and
any traffic coming from your local network is allowed. Selecting eth0 as trusted means all traffic over
the Ethernet is allowed, but the ppp0 interface is still firewalled. If you want to restrict traffic on an
interface, leave it unchecked.
It is not recommended that you make any device that is connected to public networks, such as the
Internet, a trusted device.
Tip
To change your security level configuration after you have completed the installation, use the Security
Level Configuration Tool.
Type the
redhat-config-securitylevel
Configuration Tool. If you are not root, it prompts you for the root password to continue.
package installed in order to access your machine
openssh-server
command in a shell prompt to launch the Security Level
vsftpd
package.
telnet-server
45
package for