VectorLinux
October 31, 2014, 08:51:14 am *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Visit our home page for VL info. To search the old message board go to http://vectorlinux.com/forum1. The first VL forum is temporarily offline until we can find a host for it. Thanks for your patience.
 
Now powered by KnowledgeDex.
   Home   Help Search Login Register  
Please support VectorLinux!
Pages: [1]
  Print  
Author Topic: Port 6000  (Read 1391 times)
erekose
Member
*
Posts: 4



« on: January 02, 2008, 02:36:22 pm »

I have been trying to close port 6000 on VL5.9 but to no avail.  Really appreciate if someone could point to me how to do it.
Logged
jduped
Vectorite
***
Posts: 127


Don't Worry, Be Happy


« Reply #1 on: January 02, 2008, 03:02:26 pm »

To permanently close that port...

go to the terminal

Code:
ifconfig

note the name of the network card that has a live ip, usually eth0 or eth1

with root access find the following file

/etc/rc.d/rc.local

Edit with mouse pad or vi or what every you like to edit with.

Add these line to the end

/sbin/iptables -A CUSTOMINPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A CUSTOMINPUT -p udp -i eth0 --dport 6000 -j DROP

Assuming your nic is eth0

Save

in the terminal restart rc.local

Code:
sh /etc/rc.d/rc.local

test port.

https://www.grc.com/port_6000.htm
Logged

Ask Yourself

erekose
Member
*
Posts: 4



« Reply #2 on: January 02, 2008, 03:54:05 pm »

I did but still to no avail. here's the outputs:

<.. snippet of /etc/rc.d/rc.local>
## You may add custom initialisation below this
/sbin/iptables -A CUSTOMINPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A CUSTOMINPUT -p udp -i eth0 --dport 6000 -j DROP

crash://etc/rc.d
root:# sh /etc/rc.d/rc.local
vcpufreq-load disabled in config...
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
crash://etc/rc.d

could it just be by adding "-nolisten tcp" to disable it ? but i don't know which file exactly.  i did modify the /etc/X11/xdm/Xservers but still the same.
Logged
jduped
Vectorite
***
Posts: 127


Don't Worry, Be Happy


« Reply #3 on: January 02, 2008, 04:05:57 pm »

sorry my bad


remove custom
just input

## You may add custom initialisation below this


/sbin/iptables -A INPUT -p tcp -i eth0 --dport 6000 -j DROP
/sbin/iptables -A INPUT -p udp -i eth0 --dport 6000 -j DROP

restart the file...

sh /etc/rc.d/rc.local and test that port.

...works for me

I'm working on my ipcop box right now in the iptables...I was using custom in there, as there existing ip table rules.
Logged

Ask Yourself

erekose
Member
*
Posts: 4



« Reply #4 on: January 02, 2008, 04:35:54 pm »

ok. thanks.

I have the iptables list as follows:

root:# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere            tcp dpt:x11
DROP       udp  --  anywhere             anywhere            udp dpt:x11

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

scanning the host still shows the port is up:

PORT     STATE SERVICE
631/tcp  open  ipp
6000/tcp open  X11

Nmap finished: 1 IP address (1 host up) scanned in 0.133 seconds

testing the port from https://www.grc.com/port_6000.htm also said the port was open

maybe i miss some other settings ere ...
Logged
jduped
Vectorite
***
Posts: 127


Don't Worry, Be Happy


« Reply #5 on: January 02, 2008, 05:13:59 pm »

I'm not sure why its still opened...

I'm currently modifying my ipcop, and using that site I gave you to test that, I've got a few ports that just won't close, I'm working on those.

as for your issue, you could try this modified version of what I gave you already...it might make a difference... Perhaps looking for a program that will be a graphical interface might be able to get the job done.

Code:
/sbin/iptables -A INPUT -p tcp --syn -i eth0 --dport 6000 -j DROP
/sbin/iptables -A INPUT -p udp -i eth0 --dport 6000 -j DROP

Either of these might help...I'm not sure, just trying to help...

http://sourceforge.net/projects/xfwall/
http://www.simonzone.com/software/guarddog/#download

I'm not sure what else to suggest, I'd say wait and see if any one else has any idea if this doesn't work...when I get my issue cleared up I'll see if can apply to yours and perhaps fix the problem.
« Last Edit: January 02, 2008, 05:17:28 pm by jduped » Logged

Ask Yourself

erekose
Member
*
Posts: 4



« Reply #6 on: January 02, 2008, 09:55:04 pm »

ok. thanks.

one thing for sure, port 6000 would be completely closed if i log  to console and invoke the windows manager using the command "startx -nolisten tcp".
Logged
uelsk8s
Administrator
Vectorian
*****
Posts: 2504



« Reply #7 on: January 05, 2008, 12:40:10 pm »

open your /usr/share/config/kdm/kdmrc file as root
goto the line that says ServerArgsLocal=
and change it to ServerArgsLocal="-nolisten"
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!