Re: How do I disable (close) ports?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
J. Paul Bruns-Bielkowick:
Port 111 is sunrpc. I forgot the exact name of the package that
leaves this open (perhaps someone else can recall it). If you
type 'netstat -p' (as root) you will see which programs have
which ports open. For the quick fix, just kill the PID, but it
will come back on the next reboot. For the real fix you need to
a: disable the startup of the program in /etc/rc2.d OR uninstall
the package which contains sunrpc. You may also wish to look
into ipchains/iptables to restrict the use of some of your other
services. If you do this, the best policy as mentioned several
times today is block ALL traffic and allow the traffic you want
specifically.
Good luck,
Phil
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8DVbaS3Jybf3L5MQRAlYfAJ9vfNk2OJ3sUb04CClDF2eZi7NDWACffpr1
pPMFEcLO+ODLe54j+4fFsIY=
=XBbl
-----END PGP SIGNATURE-----
----- Original Message -----
From: J. Paul Bruns-Bielkowicz <jp@america.eu.org>
To: <debian-security@lists.debian.org>
Sent: Tuesday, December 04, 2001 3:18 PM
Subject: How do I disable (close) ports?
> Hi,
> I disabled all but a few ports in /etc/services, but I have
> tcp 0 0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064
> ESTABLISHED
> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp open smtp
> 37/tcp open time
> 66/tcp open sql*net
> 80/tcp open http
> 110/tcp open pop-3
> 443/tcp open https
> 3306/tcp open mysql
> open. How can I close ports 111 and 859? They are not enabled in
> /etc/services
> Thanks,
> J. Paul Bruns-Bielkowicz
> http://www.america.prv.pl
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
>
Reply to: