Re: How do I disable (close) ports?
On Tue, Dec 04, 2001 at 09:18:09PM +0100, J. Paul Bruns-Bielkowicz wrote:
> I disabled all but a few ports in /etc/services, but I have
> tcp 0 0 pa237.olsztyn.sdi.t:111 220.127.116.11:1064
> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp open smtp
> 37/tcp open time
> 66/tcp open sql*net
> 80/tcp open http
> 110/tcp open pop-3
> 443/tcp open https
> 3306/tcp open mysql
> open. How can I close ports 111 and 859? They are not enabled in
> J. Paul Bruns-Bielkowicz
I suggest ipchains or iptables (depending on the kernel version you have).
And then (ipchains example)
ipchains -A input -p tcp --destination-port 25 -j ACCEPT (repeat for all ports
that have to be open)
ipchains -A input -j DENY (this will close the rest without notifying the client
machine that its packet was filtered)
You may also want to log denied packets (add -l in DENY line), but it can be
a lot of stuff so consider it carefully.
More information can be found at ipchains-howto
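
Added example, not part of the original message: a dry-run generator that prints the complete ipchains rule set for the ports listed in the question, in the order the reply describes (ACCEPT rules first, catch-all DENY last). The names build_rules and valid_port are hypothetical, and the loopback and non-SYN ACCEPT rules are additions: ipchains is stateless, so a bare catch-all DENY would also drop local traffic and the replies to the machine's own outgoing TCP connections.

```shell
#!/bin/sh
# Added example (not from the original thread). Prints rules, never applies them.
# Review the output, then pipe it to sh as root on a machine that has ipchains.

ALLOWED_TCP="25 37 66 80 110 443 3306"   # the ports the poster wants to keep open

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;          # reject empty or non-numeric input
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

build_rules() {
    # $1: space-separated TCP ports to accept
    # $2: "log" adds -l to the final DENY rule (can be noisy, as the reply warns)
    ports=$1
    logflag=""
    [ "$2" = "log" ] && logflag=" -l"

    # Validate every port before printing anything, so a typo never
    # produces a partial rule set.
    for p in $ports; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done

    echo "ipchains -F input"                    # start from an empty input chain
    echo "ipchains -A input -i lo -j ACCEPT"    # keep loopback traffic working
    for p in $ports; do
        echo "ipchains -A input -p tcp --destination-port $p -j ACCEPT"
    done
    # Accept TCP segments without SYN set: replies to connections this host
    # opened. New inbound connections (SYN) to other ports, 111 included,
    # fall through to the DENY rule.
    echo "ipchains -A input -p tcp ! -y -j ACCEPT"
    # Everything else is dropped silently, UDP and ICMP included; services
    # that need them (DNS replies, for example) need their own ACCEPT rules.
    echo "ipchains -A input -j DENY$logflag"
}

build_rules "$ALLOWED_TCP" "$1"
```

Run it with no argument to print the rules, or with "log" as the first argument to get the logging variant of the DENY rule.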