Christian Seiler wrote:
> Bill wrote:
> > what uses them and why shouldn't I close them?
> > (I'm assuming there must be a good reason to have wide open ports.)
It is debatable whether the old Sun RPC services should be installed
by default. I do use and manage NFS but
On 05/09/2015 01:25 PM, Bill wrote:
> I'm still running wheezy but noticed a couple of open ports the other
> day. This is just a simple laptop - no nfs access needed, no need for a
> networked port mapper, and certainly not a dns server.
>
> So why are they there,
Well,
Hi,
I'm still running wheezy but noticed a couple of open ports the other
day. This is just a simple laptop - no nfs access needed, no need for a
networked port mapper, and certainly not a dns server.
So why are they there, what uses them and why shouldn't I close them?
(I'm
Howdy,
On Mon, Jul 23, 2012 at 01:21:55PM -0500, Charles Kroeger wrote:
> I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
> cover any attempts of intrusion that may occur, I do notice notwithstanding,
> that
> although ports 0 and 1 are closed, they still show up on
Charles Kroeger wrote:
> PORT STATE SERVICE
> 25/tcp open smtp
> 53/tcp open domain
> 111/tcp open rpcbind
> 631/tcp open ipp
> 6566/tcp open sane-port
That seems pretty reasonable. Except if you aren't using NFS and
don't need the portmapper (rpcbind) then I would uninstall it.
>
>Try probing your system with nmap and see what it
> says.
> nmap localhost
Thanks for this information, I didn't have nmap installed..however after I did
install nmap I received this:
/charles# nmap localhost
Starting Nmap 6.00 ( http://nmap.org ) at 2012-07-23 22:30 CDT
Nmap scan report for
Charles Kroeger wrote:
> I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
> cover any attempts of intrusion that may occur, I do notice notwithstanding,
> that
> although ports 0 and 1 are closed, they still show up on test like grc.com's
> 'shields-up' port scanner.
I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
cover any attempts of intrusion that may occur, I do notice notwithstanding,
that
although ports 0 and 1 are closed, they still show up on test like grc.com's
'shields-up' port scanner.
I know that 0 is not a port and
On Mon, Aug 29, 2011 at 02:46:52PM +0200, yudi v wrote:
>
>
> Probably portmap...
>
> See if it's installed
> $ dpkg --get-selections portmap
>
> If it is, and it bothers you, it can be removed - check and see if
> anything
> uses it:-
> # apt-get -s remove portmap | le
>
> Probably portmap...
>
> See if it's installed
> $ dpkg --get-selections portmap
>
> If it is, and it bothers you, it can be removed - check and see if anything
> uses it:-
> # apt-get -s remove portmap | less
>
> If it's the only package to be removed:-
> # apt-get --purge remove portmap
>
> Ch
On 29/08/11 18:35, yudi v wrote:
I purged the above files but still have� the following service running.
111/tcp open� rpcbind
--
Kind regards,
Yudi
Probably portmap...
See if it's installed
$ dpkg --get-selections portmap
If it is, and it bothers you, it can be removed - check a
>
> The following packages will be REMOVED:
> cifs-utils libnfsidmap2 nfs-common nfs-kernel-server samba samba-common
> samba-common-bin samba-doc smbclient smbfs swat winbind
> 0 upgraded, 0 newly installed, 12 to remove and 4 not upgraded.
> Remv smbfs [2:4.5-2]
> Remv cifs-utils [2:4.5-2]
>
>
> # apt-get --purge remove libnfsidmap2 nfs-common samba
>
> if you don't use samba at all (cifs-utils samba samba-common
> samba-common-bin smbfs) then change "samba" to "samba*"
>
> I'd suggest using -s instead of --purge first - just in case samba was
> originally pulled in by another package
http://myip.dk/ will give you the remote access address. Just ssh to the
displayed address. I'd suggest you try - it's easier than just believing
everything you read on whirlpool. The signal to noise ratio there can be
bad. Exetel have good tech support - Vodaphail don't even know where their
tower
On 28/08/11 18:37, yudi v wrote:
my system IP for ppp0 is 101.***.***.*** and it's not static.
but from what I can remember all postpaid accounts in Australia have
10.***.***.*** addresses and are behind NAT.
I've yet to see any (non-SLA business class) USB UMTS modems by any of
the
> I use postpaid mobile broadband and my IP is both the system address and
>> the gateway. There is no NAT with postpaid service, it's only available
>> with prepaid in Australia. Not sure why.
>>
>
> Not sure what you mean there I suspect you mean only postpaid allow a
> static IP address (for
On 28/08/11 11:39, yudi v wrote:
Just to clarify my post.
This is a new install and I was a bit careless while installing. It has
no data on it. I was more concerned with LUKS+LVM working at install. I
did not realize I selected to install SSH, I do not use Samba or NFS not
sure how those got ins
Just to clarify my post.
This is a new install and I was a bit careless while installing. It has no
data on it. I was more concerned with LUKS+LVM working at install. I did not
realize I selected to install SSH, I do not use Samba or NFS not sure how
those got installed. Again it might have been an
On Sat, Aug 27, 2011 at 5:05 PM, yudi v wrote:
> Nmap suggests the following ports are open:
>
> 25/tcp open smtp
> 111/tcp open rpcbind
> 139/tcp open netbios-ssn
> 445/tcp open microsoft-ds
> 631/tcp open ipp
> 901/tcp open samba-swat
> 2049/tcp open nfs
>
> Which nmap command did
Hi,
> ipp is CUPS, the network printing server, and you know whether you need
> that.
Now that you mention it... I also see cups listening on all devices:
$ sudo netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
On 08/27/2011 02:43 PM, Brian wrote:
A natural history expedition searching for unicorns and dodos would have
as much success as these two programs are likely to have.
I was once on a natural history expedition. We found no unicorns, but we
did find dodos. We weren't looking for them, but we
On Sat 27 Aug 2011 at 17:16:16 +0100, Joe wrote:
> On Sun, 28 Aug 2011 01:05:47 +1000
> yudi v wrote:
> >
> > how can I find out if this system has been compromised?
>
> You can try chkrootkit and rkhunter, but the latter at least works
A natural history expedition searching for unicorns and d
On Sun 28 Aug 2011 at 01:05:47 +1000, yudi v wrote:
> Nmap suggests the following ports are open:
>
> 25/tcp open smtp
> 111/tcp open rpcbind
> 139/tcp open netbios-ssn
> 445/tcp open microsoft-ds
> 631/tcp open ipp
> 901/tcp open samba-swat
> 2049/tcp open nfs
>
> I run a desktop
On 8/27/2011 11:38 AM, Brad Alexander wrote:
> Ports 139, 445 and 901 are samba running. Port 631 is cups, your printer
> driver. 111 and 2049 are for NFS. If you don't need them, you should be
> able to turn them off...If you do need it, then you should be able to
> firewall it, using iptables to
ufw application and several other 'firewalls' are front ends to
iptables/netfilter, the actual packet filter.
Use netstat to check what services you have listening, and on which
interfaces. Most services can be configured to listen only to some
interfaces, and many only need to use localho
Ports 139, 445 and 901 are samba running. Port 631 is cups, your printer
driver. 111 and 2049 are for NFS. If you don't need them, you should be
able to turn them off...If you do need it, then you should be able to
firewall it, using iptables to limit access to the hosts or subnets you
need.
On S
Nmap suggests the following ports are open:
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
901/tcp open samba-swat
2049/tcp open nfs
I run a desktop email client that uses smtp apart from that I do not know
why rest of the a
Oliver Lupton wrote:
On Wed, 22 Feb 2006 17:31:49 -0500
Stephen R Laniel <[EMAIL PROTECTED]> wrote:
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
My router/firewall blocks all ports, including those over 1023 (1024?)
I assume you mean that your router *can*, not that it
ne
Akbulut wrote:
> > hi all,
> > i am now behind a firewall [at dormitory], and i want to check open ports.
> > is there a handy program that does this job for me ;)
>
> nmap will do it if you know your IP address and can run nmap from another
> network.
>
> BTW, a
try command "nmap ip_address"
On Thu, 2006-02-23 at 00:12 +, Oliver Lupton wrote:
> On Wed, 22 Feb 2006 17:31:49 -0500
> Stephen R Laniel <[EMAIL PROTECTED]> wrote:
>
> > On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
> > > My router/firewall blocks all ports, including those
On Wed, 22 Feb 2006 17:31:49 -0500
Stephen R Laniel <[EMAIL PROTECTED]> wrote:
> On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
> > My router/firewall blocks all ports, including those over 1023 (1024?)
>
> I assume you mean that your router *can*, not that it
> necessarily does.
On Wed, 2006-02-22 at 16:24 -0500, Stephen R Laniel wrote:
> On Wed, Feb 22, 2006 at 11:18:41PM +0200, Mehmet Fatih Akbulut wrote:
> > i am now behind a firewall [at dormitory], and i want to check open ports.
> > is there a handy program that does this job for me ;)
> > want
On Wednesday 22 February 2006 13:18, Mehmet Fatih Akbulut wrote:
> hi all,
> i am now behind a firewall [at dormitory], and i want to check open ports.
> is there a handy program that does this job for me ;)
nmap will do it if you know your IP address and can run nmap from another
netw
On Wed, 22 Feb 2006 16:24:54 -0500
Stephen R Laniel <[EMAIL PROTECTED]> wrote:
> it's not going to tell you that ports 8080 and above are
> open, because they always are.
My router/firewall blocks all ports, including those over 1023 (1024?)
Cheers,
-ol
--
I will live forever, or die trying.
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
> My router/firewall blocks all ports, including those over 1023 (1024?)
I assume you mean that your router *can*, not that it
necessarily does. It seems like it would be awfully
inconvenient to block all such ports, given that program
On Wed, Feb 22, 2006 at 11:18:41PM +0200, Mehmet Fatih Akbulut wrote:
> i am now behind a firewall [at dormitory], and i want to check open ports.
> is there a handy program that does this job for me ;)
> want to find an open port for apache to run.
> because 80. port blocked to people
hi all,i am now behind a firewall [at dormitory], and i want to check open ports. is there a handy program that does this job for me ;)want to find an open port for apache to run. because 80. port blocked to people outside the dorm.
i both need an openport seeker program and info if apache will
Hi Rutger,
> PORTSTATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 111/tcp open rpcbind
> 113/tcp open auth
> 903/tcp open iss-console-mgr
Before starting nmap, use netstat.
You can find out which program uses which port with
netstat -tulpen
for your in
port 111 will be used by rpc processes like NIS and NFS.
port 113 is identd, used to identify the "owner" of a connection.
port 903... I'm not sure.
If you box is up on the world. I would suggest making a iptables(or
equivilent) script that will block all but the wanted ports.
IE, having the
On 00:54 Wed 23 Nov , Rutger Wessels wrote:
> Hello,
>
> I administer a debian installation that is connected to the Internet.
> When I run nmap, I found the following:
> Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-23 00:29 CET
> Interesting ports on xx
> (The 1657
On Wed, 23 Nov 2005 00:54:13 +0100
Rutger Wessels <[EMAIL PROTECTED]> wrote:
> 113/tcp open auth
That's an 'ident' daemon I believe. _very_ primitive "security", some braindead
IRC networks require it to be running and doubtlessly other things will require
it too.
HTH
-ol
--
I will live for
Hello,
I administer a debian installation that is connected to the Internet.
When I run nmap, I found the following:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-23 00:29 CET
Interesting ports on xx
(The 1657 ports scanned but not shown below are in state: closed)
POR
On Thu, 19 Aug 2004 19:44:06 -0600, Dana J. Laude <[EMAIL PROTECTED]> wrote:
> Or better yet, Jon should checkout the following link:
> http://www.debian.org/doc/user-manuals#securing
>
> The harden-doc is outdated except on unstable, so you're better
> off reading the online version at the above
On Tuesday 21 September 2004 11:57, Tom Allison wrote:
> [EMAIL PROTECTED] wrote:
> >>If a port is open, and associated with a program which isn't from a
> >>debian package and you don't believe you put it there yourself -
> >> its time to consider the possibility your machine has been
> >> comprom
On Wednesday September 22 at 02:36pm
Dave Howorth <[EMAIL PROTECTED]> wrote:
> Tom Allison wrote:
> > More importantly today is to understand how 99.9% of the virus and
> > malware is transmitted today. It's not through unfiltered ports and
> > such as described in your original email, but throu
Tom Allison wrote:
More importantly today is to understand how 99.9% of the virus and
malware is transmitted today. It's not through unfiltered ports and
such as described in your original email, but through the email
mechanism (or http) itself. And while I don't have any hard numbers at
my d
On Tuesday 21 September 2004 04:57, Tom Allison wrote:
> > At the risk of provoking the usual "WELL GO RUN WINDOWS THEN!!!"
> > knee-jerk reaction, I will mention that the Gatesware-based firewall
> > packages (like "Zone Alarm") will detect *outgoing* connection attempts
> > and query whether the
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
ShieldsUP! isn't a firewall, it's just a service which port scans you and
tells you the results.
Mezig said:
> [EMAIL PROTECTED] wrote:
>
> For a fast but supposed secure FW, can't you use 'ShieldUP' from the site :
>
> http://www.grc.com/ ? It close all the ports under nux and win-sheet too
> :(!
[EMAIL PROTECTED] wrote:
On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <[EMAIL PROTECTED]>
said:
In any case, I've as yet been unable to find any way of getting
detection and authorization of outgoing requests with any
of the Linux firewalls, or with IPtables - although I can hardly say
that
I've
On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <[EMAIL PROTECTED]>
said:
> >In any case, I've as yet been unable to find any way of getting
> >detection and authorization of outgoing requests with any
> >of the Linux firewalls, or with IPtables - although I can hardly say
> >that
> >I've thoroughly
rsday, 26 August 2004 9:07 a.m.
To: [EMAIL PROTECTED]
Subject: Re: All these open ports
> So what are exactly are you worried about? A program uploading
> sensitive data to a random server? Well the easiest way for a program
> to do that is to invoke sendmail to e-mail the information to
> So what are exactly are you worried about? A program uploading
> sensitive data to a random server? Well the easiest way for a program
> to do that is to invoke sendmail to e-mail the information to the
> server. In which case the program never attempts to open a port, your
> m-t-a does. Yo
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
<>
In an
> You could get something close to Zone Alarm (minus the application
> permissions stuff) with a very short iptables script which set the
> policies for INPUT and FORWARD to DROP, and OUTPUT to ACCEPT, and adding
> a couple of rules for allowing related and established connections on
> the INPUT c
> If a port is open, and associated with a program which isn't from a
> debian package and you don't believe you put it there yourself - its
> time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of provoking the usu
x27;t need. This should do (at least)
discard, echo, daytime.
Then, determine which programs are responsible for the remaining open
ports. Stop them from running and prevent them from starting by
default if necessary. How to do this varies on an
application-to-application basis; but can probably be fo
don't need. This should do (at least)
discard, echo, daytime.
Then, determine which programs are responsible for the remaining open
ports. Stop them from running and prevent them from starting by
default if necessary. How to do this varies on an
application-to-application basis; but can pro
Generally speaking, to close a port, you shut down whatever deamon is
listening on it. For example, if you had port 80 open, and want to
close it, shut down your web server (apache or whatever else).
Same with ssh - to close that port, shut down sshd.
On Fri, 13 Aug 2004 21:56:17 -0400, Tong <[EM
[EMAIL PROTECTED] wrote:
> ...
> Thus far, I haven't been able to find anything that provides
> canned-up functionality of the nature of the Windows "Zone Alarm",
> although I can probably overcome that by iptables scripting,
> whereas with the Windows firewalls you get whatever is there
> and have
>> There are other available packages:
>> I use FireHOL
>
>I used to use iptables + wondershaper in RH. I notice there are many
>ready-made firewall packages available in Debian. I'm wondering which one
>is recommended (ease to use/updated frequently, etc)?
So am I, but I don't think this is the
On Sat, 14 Aug 2004 11:07:58 +0200, Jerome BENOIT wrote:
>>>Buy a firewall or set up iptables.
>>
>> You can just load the Firestarter package; it will allow you to block
>> ports (via a generated iptables script).
>
> There are other available packages:
> I use FireHOL
I used to use iptables +
On Fri, 13 Aug 2004 23:55:46 -0600, s. keeling wrote:
> Incoming from [EMAIL PROTECTED]:
>>
>> >I've just noticed that my debian testing open many ports by default:
>> >
>> >tcp0 0 *:dict *:* LISTEN
>>
>> I'm curious which utility produced th
[EMAIL PROTECTED] wrote:
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard *:
Hello
Tong (<[EMAIL PROTECTED]>) wrote:
> I've just noticed that my debian testing open many ports by default:
Some of them are opened by inetd. You can use "dpkg-reconfigure inetd",
or edit /etc/inetd.conf and comment out the protocols you don't need.
After that, restart inetd.
> tcp0
Incoming from [EMAIL PROTECTED]:
>
> >I've just noticed that my debian testing open many ports by default:
> >
> >tcp0 0 *:dict *:* LISTEN
>
> I'm curious which utility produced that listing; I haven't seen "lsof"
> produce that - ?
That woul
>I've just noticed that my debian testing open many ports by default:
>
>tcp0 0 *:dict *:* LISTEN
>tcp0 0 *:time *:* LISTEN
>tcp0 0 *:discard *:*
On Fri, Aug 13, 2004 at 09:56:17PM -0400, Tong wrote:
> Hi,
>
> I've just noticed that my debian testing open many ports by default:
Uninstall the respective services. Or, use a firewalling system
(dedicated firewall, iptables, etc...)
To find out what service uses what port:
stefan:~$ sudo l
Hi,
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard *:*
Hi everyone,
I'm working on a web site that includes streamed rich media files. I need
a way to test to see which ports the user can access if they're behind a
firewall. I'm guess that I need to try and send them an object (a picture
maybe?) on one of the ports I need information about and then se
On Friday 28 May 2004 16:25, Emma Jane Hogbin hurled the following on the
wire:
> On Fri, May 28, 2004 at 07:08:24AM -0700, Alvin Oga wrote:
> > grab the plug-info from the users browser ( if its setup to tell you )
> >
> > use nmap or any port scanner to see if you can scan that port you
> > want
On Fri, 28 May 2004, Emma Jane Hogbin wrote:
> > any secure site will only allow port 80 or port 443 for web ...
>
> It's not the server I'm testing, it's the user. Some streaming video
that "secure site" works both ways ... user or server ..
> (RealPlayer) doesn't come through on regular port
On Fri, May 28, 2004 at 07:08:24AM -0700, Alvin Oga wrote:
> grab the plug-info from the users browser ( if its setup to tell you )
>
> use nmap or any port scanner to see if you can scan that port you
> want on their machine
This is the one I need to know about. Sorry to be so dense, but if I
g
On Fri, 28 May 2004 09:59:20 -0400
Emma Jane Hogbin <[EMAIL PROTECTED]> wrote:
> On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
> > > I'm working on a web site that includes streamed rich media files.
> > > I need a way to test to see which ports the user can access if
> > > they're be
On Friday 28 May 2004 15:59, Emma Jane Hogbin hurled the following on the
wire:
> On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
> > > I'm working on a web site that includes streamed rich media files. I
> > > need a way to test to see which ports the user can access if they're
> > > b
On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
> > I'm working on a web site that includes streamed rich media files. I need
> > a way to test to see which ports the user can access if they're behind a
> > firewall. I'm guess that I need to try and send them an object (a picture
> > may
n also come
into their secure box thru those open ports
- imho, people should download what they want ... not be sent stuff they
dont want .. no clickie, no object to come down the pike
- you know the pic was received ... by looking at your logs
and see that xxx bytes of that file was s
Lo, on Wednesday, June 5, Paul Johnson did write:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
>
> > 9/tcp opendiscard
>
> Not sure myself...
Standard TCP service; routes everything written to that
On Wed, 2002-06-05 at 13:32, tvn1981 wrote:
>
> Hi, I have the following ports open and I am not sure what they are.
> Whether or not they are really needed. My other Linux box (rh) doesn't
> have these so I am wondering what these are in Debian
>
> 9/tcp opendiscard
On Wednesday 05 June 2002 02:57 pm, Paul Johnson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
> > 9/tcp opendiscard
>
> Not sure myself...
>
$ cat //etc/services| grep 9/tcp
discard 9/tcp sink n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
> 9/tcp opendiscard
Not sure myself...
> 13/tcp opendaytime
> 37/tcp opentime
On 5 Jun 2002, tvn1981 wrote:
>
> Hi, I have the following ports open and I am not sure what they are.
> Whether or not they are really needed. My other Linux box (rh) doesn't
> have these so I am wondering what these are in Debian
>
> 9/tcp opendiscard
> 13/tcp opendaytim
Hi, I have the following ports open and I am not sure what they are.
Whether or not they are really needed. My other Linux box (rh) doesn't
have these so I am wondering what these are in Debian
9/tcp opendiscard
13/tcp opendaytime
Under the netfilter model, this is known as DNAT (Destination NAT,
because it is the destination field of incoming packets that is being
rewritten).
you'll want something like the following:
iptables -t nat -A PREROUTING -d $extip -p tcp --dport 135 -j DNAT
--to-destination 192.168.1.1
(also se
> > > doing a search for -dport or -sport for source and destination ports
> > >
> > thank you for your reply, but I am not getting much wiser with this
> > document. I learn by examples. I was thinking about this:
> > iptables -A INPUT -i eth0 -d 212.127.10.10 -dport 135 -j ACCEPT
> > iptables -A
On Sun, Apr 29, 2001 at 04:20:14PM -0300, Rogerio Bastos wrote:
>
> Another usefull thing to do when the port you want to close is not listed on
> /etc/services and you don't have a clue of what service is binded to that
> port is to run (as root) fuser -a -n proto port, where proto may be tcp,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sunday 29 April 2001 05:13, Michael Earls wrote:
> What file do i need to edit to close open ports,
>
> ex, port 111 /tcp sunrpc
> 515/ tcp printer
> 2000/ tcp callback
>
Another usefull thing to do when
On Sun, Apr 29, 2001 at 11:38:25AM -0700, Michael Earls wrote:
> that was great info, but i do not need to masq any ips, i just need to
> limit the ports being open, i have edited inetd.conf, but there were some
> ports not listed in there. here is a port scan on my box,
>
> [EMAIL PROTECTED] m
On Sun, Apr 29, 2001, Michael Earls wrote:
> that was great info, but i do not need to masq any ips, i just need to
> limit the ports being open, i have edited inetd.conf, but there were some
> ports not listed in there. here is a port scan on my box,
>
Mike,
Hi. I just joined thread so I can
Aoki
Sent: Sunday, April 29, 2001 2:05 AM
To: Michael Earls
Cc: debian-user@lists.debian.org
Subject: Re: closeing open ports
On Sun, Apr 29, 2001 at 01:38:33AM -0700, Michael Earls wrote:
> What is a good starting point / reference point on ipchains. I have it
> installedx but not confi
On Sun, Apr 29, 2001 at 01:38:33AM -0700, Michael Earls wrote:
> What is a good starting point / reference point on ipchains. I have it
> installedx but not config. Is there a file that i can edit for ipchains?
>
> I only need 21 ftp 22 ssh 25 smtp 80 http
You may want to open auth too.
Closing
[mailto:[EMAIL PROTECTED]
Sent: Saturday, April 28, 2001 10:21 PM
To: Michael Earls
Cc: debian-user@lists.debian.org
Subject: Re: closeing open ports
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
> What file do i need to edit to close open ports,
>
> ex, port 111 /t
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
> What file do i need to edit to close open ports,
>
> ex, port 111 /tcp sunrpc
> 515/ tcp printer
> 2000/ tcp callback
>
Also comment out everything you don't need in -
/etc/inet
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
> What file do i need to edit to close open ports,
>
> ex, port 111 /tcp sunrpc
> 515/ tcp printer
> 2000/ tcp callback
Run the command -
# lsof | grep LISTEN
This is another option -
$ les
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
> What file do i need to edit to close open ports,
>
> ex, port 111 /tcp sunrpc
> 515/ tcp printer
> 2000/ tcp callback
Install and configure ipchains. There are various firewall packag
What file do i need
to edit to close open ports,
ex, port 111 /tcp
sunrpc
515/ tcp printer
2000/ tcp callback
Thanks for your
time
michael
On Sat, Feb 17, 2001 at 10:46:40PM -0800, [EMAIL PROTECTED] wrote:
>
> the best way ive found to disable portmap is to rename /sbin/portmap
> to something else. there are so many different things that may call
> on it, its just easier for me to rename it then modify a bunch of
just make sure you
On Sat, Feb 17, 2001 at 11:13:52PM -0500, Glenn Becker wrote:
> Interesting ports on localhost (127.0.0.1):
> PortState Protocol Service
> 22 opentcpssh
> 25 opentcpsmtp
> 53 opentcpdomain
>
To quote Glenn Becker <[EMAIL PROTECTED]>,
#
# All,
#
# I have been trying to secure my Debian box, which enjoys a DSL
# connection. I've been going through /etc/inetd.conf, commenting out
# services, and K'ing others in the /etc/rc2.d/, until what I have left
is
# the following (output from nmap
1 - 100 of 119 matches
Mail list logo
