Re: How do I disable (close) ports?

To: "J. Paul Bruns-Bielkowicz" <jp@america.eu.org>
Cc: debian-security@lists.debian.org
Subject: Re: How do I disable (close) ports?
From: Alexander Clouter <alexander.clouter@ic.ac.uk>
Date: Tue, 4 Dec 2001 22:09:16 +0000
Message-id: <[🔎] 20011204220916.B31938@oldfaithful>
Mail-followup-to: "J. Paul Bruns-Bielkowicz" <jp@america.eu.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] 001601c17d00$ccb88000$660ba8c0@pa237.olsztyn.sdi.tpnet.pl>
References: <[🔎] 001601c17d00$ccb88000$660ba8c0@pa237.olsztyn.sdi.tpnet.pl>

J. Paul Bruns-Bielkowicz [jp@america.eu.org] wrote:
>
> I disabled all but a few ports in /etc/services, but I have
> tcp        0      0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064
> ESTABLISHED
> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp     open        smtp
> 37/tcp     open        time
> 66/tcp     open        sql*net
> 80/tcp     open        http
> 110/tcp    open        pop-3
> 443/tcp    open        https
> 3306/tcp   open        mysql
> open. How can I close ports 111 and 859? They are not enabled in
> /etc/services
>
erm....don't diasble them in /etc/services, this normally doesn't work (as
far as I'm aware).  /etc/services is more a 'lookup' service then a 'whether
I should actually work' service.

according to /etc/serices 111 is 'portmapper', darned if I know what it
actually does however you may find it lurking in your /etc/(x)inetd.conf or
even /etc/init.d/<something, likely to be 'portmapper'>.  Type
"/etc/init.d/<whatever> stop" and then do another netstat and see if that
helps.

As for the 859 I cannot see where you got it from, no reference to it at all,
from what you have given us.  However you probably find it in the same way as
you did 'nuke' portmapper.

As a suggestion install the 'debfoster' package, and run debfoster (when ever
you get bored as root) 'debfoster -n'.  This will then list all the packages
installed on your machine and any dependencies that are linked to them, you
can then trim off the stuff you never needed...or forgot about that you
installed ages ago.

good luck

Alex

-- 
 _________________________________________ 
/ Dear Miss Manners: Please list some     \
| tactful ways of removing a man's saliva |
| from your face.                         |
|                                         |
| Gentle Reader: Please list some decent  |
| ways of acquiring a man's saliva on     |
| your face. If the gentleman sprayed you |
| inadvertently to accompany enthusiastic |
| discourse, you may step back two paces, |
| bring out your handkerchief, and go     |
| through the motions of wiping your      |
| nose, while trailing the cloth along    |
| your face to pick up whatever needs     |
| mopping along the route. If, however,   |
| the substance was acquired as a result  |
| of enthusiasm of a more intimate        |
| nature, you may delicately retrieve it  |
\ with a flick of your pink tongue.       /
 ----------------------------------------- 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

Attachment: pgpYw6aEqkvjQ.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: How do I disable (close) ports?
  - From: tb@becket.net (Thomas Bushnell, BSG)

References:
- How do I disable (close) ports?
  - From: "J. Paul Bruns-Bielkowicz" <jp@america.eu.org>

Prev by Date: Syslog config file.
Next by Date: Re: How do I disable (close) ports?
Previous by thread: Răspuns: How do I disable (close) ports?
Next by thread: Re: How do I disable (close) ports?
Index(es):
- Date
- Thread