Please support VectorLinux!

Author Topic: ports...  (Read 2309 times)

ghartl1

  • Vectorite
  • ***
  • Posts: 379
ports...
« on: July 21, 2007, 04:41:39 pm »
hi,

i use soho 5.8 and did a test at shields up pertaining the open ports

port 1 and 2 and from 1023 to 1055 are closed. all other ports are stealth..

how can i achieve that all ports are closed(there are still some ms-ports..1024 there)but i dont use any ms protocol(nointern network..only linux on my box)

is there a way to get all ports stealth..

ps: in vasm i do have alreay deactivate all services..except cron firewall ifplugd inetd..)

greets günter

bigpaws

  • Vectorian
  • ****
  • Posts: 1868
Re: ports...
« Reply #1 on: July 21, 2007, 06:39:29 pm »
Your post is missing information. Standard install of VL5.8 SOHO was  ports 139,445,and 631 open
by default. One reason why VL in not recommended for a server.

This will help you find executable files in /etc/rc.d the area most services are started from.
You could also Google the ports to find out how to close them.

find /etc/rc.d -type f -perm /u+x,g+x,o+x | more 

HTH

Bigpaws

ghartl1

  • Vectorite
  • ***
  • Posts: 379
Re: ports...
« Reply #2 on: July 23, 2007, 03:18:39 am »
hi, deactivated port 631(edited cups.conf..so that cups is only listening to loopback)

ports 139 and 445 are ms-related...deactivate every protocol except tcp/ip

question: are the files in this irectoy also activ..or relevant??(because its in the sample-directory)

/etc/rc.d/init.d/sample/sendmail

anyway thanks for your reply

bigpaws

  • Vectorian
  • ****
  • Posts: 1868
Re: ports...
« Reply #3 on: July 23, 2007, 03:53:28 am »
You can use ls -la to display the owner and permissions.

If the file is executable which is the x in xrw then you can
remove that by chmod -x <file name>

Bigpaws

ghartl1

  • Vectorite
  • ***
  • Posts: 379
Re: ports...
« Reply #4 on: July 23, 2007, 04:12:52 am »
thanks..

Joe1962

  • Administrator
  • Vectorian
  • *****
  • Posts: 2499
    • Joe1962's Website
Re: ports...
« Reply #5 on: July 23, 2007, 04:13:27 am »
BTW, you can disable inetd unless you really need it.
O'Neill (RE the Asgard): "Usually they ask nicely before they ignore us and do what they damn well please."
http://joe1962.bigbox.info
Running: VL 7 Std 64 + self-cooked XFCE-4.10