VectorLinux

Please login or register.

Login with username, password and session length
Advanced search  

News:

Visit our home page for VL info. For support and documentation, visit the Vector Linux Knowledge Center or search the Knowledge Center and this Forum using the search box above.

Author Topic: Port 6000  (Read 1579 times)

erekose

  • Member
  • *
  • Posts: 4
Port 6000
« on: January 02, 2008, 02:36:22 pm »

I have been trying to close port 6000 on VL5.9 but to no avail.  Really appreciate if someone could point to me how to do it.
Logged

jduped

  • Vectorite
  • ***
  • Posts: 127
  • Don't Worry, Be Happy
Re: Port 6000
« Reply #1 on: January 02, 2008, 03:02:26 pm »

To permanently close that port...

go to the terminal

Code: [Select]
ifconfig
note the name of the network card that has a live ip, usually eth0 or eth1

with root access find the following file

/etc/rc.d/rc.local

Edit with mouse pad or vi or what every you like to edit with.

Add these line to the end

/sbin/iptables -A CUSTOMINPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A CUSTOMINPUT -p udp -i eth0 --dport 6000 -j DROP

Assuming your nic is eth0

Save

in the terminal restart rc.local

Code: [Select]
sh /etc/rc.d/rc.local
test port.

https://www.grc.com/port_6000.htm
Logged
Ask Yourself

erekose

  • Member
  • *
  • Posts: 4
Re: Port 6000
« Reply #2 on: January 02, 2008, 03:54:05 pm »

I did but still to no avail. here's the outputs:

<.. snippet of /etc/rc.d/rc.local>
## You may add custom initialisation below this
/sbin/iptables -A CUSTOMINPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A CUSTOMINPUT -p udp -i eth0 --dport 6000 -j DROP

crash://etc/rc.d
root:# sh /etc/rc.d/rc.local
vcpufreq-load disabled in config...
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
crash://etc/rc.d

could it just be by adding "-nolisten tcp" to disable it ? but i don't know which file exactly.  i did modify the /etc/X11/xdm/Xservers but still the same.
Logged

jduped

  • Vectorite
  • ***
  • Posts: 127
  • Don't Worry, Be Happy
Re: Port 6000
« Reply #3 on: January 02, 2008, 04:05:57 pm »

sorry my bad


remove custom
just input

## You may add custom initialisation below this


/sbin/iptables -A INPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A INPUT -p udp -i eth0 --dport 6000 -j DROP

restart the file...

sh /etc/rc.d/rc.local and test that port.

...works for me

I'm working on my ipcop box right now in the iptables...I was using custom in there, as there existing ip table rules.
Logged
Ask Yourself

erekose

  • Member
  • *
  • Posts: 4
Re: Port 6000
« Reply #4 on: January 02, 2008, 04:35:54 pm »

ok. thanks.

I have the iptables list as follows:

root:# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere            tcp dpt:x11
DROP       udp  --  anywhere             anywhere            udp dpt:x11

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

scanning the host still shows the port is up:

PORT     STATE SERVICE
631/tcp  open  ipp
6000/tcp open  X11

Nmap finished: 1 IP address (1 host up) scanned in 0.133 seconds

testing the port from https://www.grc.com/port_6000.htm also said the port was open

maybe i miss some other settings ere ...
Logged

jduped

  • Vectorite
  • ***
  • Posts: 127
  • Don't Worry, Be Happy
Re: Port 6000
« Reply #5 on: January 02, 2008, 05:13:59 pm »

I'm not sure why its still opened...

I'm currently modifying my ipcop, and using that site I gave you to test that, I've got a few ports that just won't close, I'm working on those.

as for your issue, you could try this modified version of what I gave you already...it might make a difference... Perhaps looking for a program that will be a graphical interface might be able to get the job done.

Code: [Select]
/sbin/iptables -A INPUT -p tcp --syn -i eth0 --dport 6000 -j DROP
/sbin/iptables -A INPUT -p udp -i eth0 --dport 6000 -j DROP

Either of these might help...I'm not sure, just trying to help...

http://sourceforge.net/projects/xfwall/
http://www.simonzone.com/software/guarddog/#download

I'm not sure what else to suggest, I'd say wait and see if any one else has any idea if this doesn't work...when I get my issue cleared up I'll see if can apply to yours and perhaps fix the problem.
« Last Edit: January 02, 2008, 05:17:28 pm by jduped »
Logged
Ask Yourself

erekose

  • Member
  • *
  • Posts: 4
Re: Port 6000
« Reply #6 on: January 02, 2008, 09:55:04 pm »

ok. thanks.

one thing for sure, port 6000 would be completely closed if i log  to console and invoke the windows manager using the command "startx -nolisten tcp".
Logged

uelsk8s

  • Administrator
  • Vectorian
  • *****
  • Posts: 2504
Re: Port 6000
« Reply #7 on: January 05, 2008, 12:40:10 pm »

open your /usr/share/config/kdm/kdmrc file as root
goto the line that says ServerArgsLocal=
and change it to ServerArgsLocal="-nolisten"
Logged