I was considering deploying my web application on a Debian virtual machine. However, I want to lock it down as tight as possible (i.e. traffic in/out). I was wondering which, if any, port I needed to leave open to allow for updates.
Asked
Active
Viewed 4.2k times
2 Answers
14
All a default Debian install needs for updates is DNS traffic for name->address lookups (though you can remove this requirement by having the relevant names in your /etc/hosts file) and HTTP traffic to the servers listed in your sources.list file.
David Spillett
- 23,830
4
Just about all apt-get sources use http, check your /etc/apt/sources.list.
You can also check the ruleset of iptables or ipchains to see if there is a rule that affects apt-gets usage.
DataPimp
- 371