[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How do I disable (close) ports?

On Tue, Dec 04, 2001 at 09:18:09PM +0100, J. Paul Bruns-Bielkowicz wrote:
> Hi,
> I disabled all but a few ports in /etc/services, but I have
> tcp        0      0 pa237.olsztyn.sdi.t:111
> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp     open        smtp
> 37/tcp     open        time
> 66/tcp     open        sql*net
> 80/tcp     open        http
> 110/tcp    open        pop-3
> 443/tcp    open        https
> 3306/tcp   open        mysql
> open. How can I close ports 111 and 859? They are not enabled in
> /etc/services
> Thanks,
> J. Paul Bruns-Bielkowicz
> http://www.america.prv.pl
I suggest ipchains or iptables (depends on kernel version you have).
And then (ipchains example)
ipchains -A input ACCEPT -p tcp --destination-port 25 (repeat for all ports
	that have to be open)
ipchains -A input DENY (this will close the rest without notifying client
	machine that it's packet was filtered) 

You may also want to log denied packets (add -l in DENY line), but it can be 
a lot of stuff so consider it carefully.

More information can be found at ipchains-howto

Jaroslaw Postawa

Reply to: