Hello all. I'm a novice, so if this is all nonsense or I'm missing something easy please forgive me.
I'm still using more or less what I installed from Knoppix 3.2, with which I am happy enough. When I first did the installation I closed all open ports apart from 631 - the one used by CUPS. The security howto advises to close this one as well, but I couldn't work out how to do this - and I still cannot. I am behind Shorewall, but on first principles I want that port closed. The snag is, it appears to me to be impossible. Checking /etc/cups/cupsd.conf, I found the place where port 631 is allocated, but commenting this out prevents CUPS from working. Changing it to 'Listen hostname' (as listed in cupsd.conf) is no better. In both cases, trying to print produced the error message 'Connection to CUPS server failed. Check that CUPS is correctly installed.' Googling, I found more advice to close 631 if you have no LAN, but no explanation of how to do it. There was, however, advice on setting up a network, and this said that the following (default) Location section in cupsd.conf allows no access that does not originate from your own computer: <Location/> Order Deny, Allow Deny from all Allow from 127.0.0.1 </Location> Now, this is what is already set up, but netstat still shows cupsd as LISTENING. So is it the case, as it now seems to me, that CUPS must have a port open to work, LAN or no LAN, but that it can still block access even so? And doesn't this mean that my computer is attracting attention like the well-lit window of a closed store? Or it will be if Shorewall fails. Or is there in fact a way to close the port? Again, sorry if this is all nonsense, or if I'm missing something obvious. Geoff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
