RE: How do I disable (close) ports?
Paul,
Commenting things out in /etc/services is not really the way to disable
them. Here is a good, concise, Debian-specific piece of documentation:
http://www.debian.org/doc/manuals/securing-debian-howto/
Also, try the Security-Quickstart-HOWTO:
http://linuxdoc.org/HOWTO/Security-Quickstart-HOWTO/index.html
I found both of these to be excellent references. The short answer is that
port 111 is probably sunrpc's portmapper. It is mostly used for NFS. I
have mine disabled. Not sure what 859 is, offhand. The HOWTOs give you
information on how to figure out whether something is running via inetd or
if it is standalone, and how to disable it. I think those documents should
answer all your questions. Have fun, hope this helps.
Tom
P.S. Sorry for having the reply above your message, Outlook does not really
do replies in the manner that I prefer... :(
-----Original Message-----
From: J. Paul Bruns-Bielkowicz [mailto:jp@america.eu.org]
Sent: Tuesday, December 04, 2001 12:18 PM
To: debian-security@lists.debian.org
Subject: How do I disable (close) ports?
Hi,
I disabled all but a few ports in /etc/services, but I have
tcp 0 0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064
ESTABLISHED
when I netstat my machine. What exactly does this mean? I just want
25/tcp open smtp
37/tcp open time
66/tcp open sql*net
80/tcp open http
110/tcp open pop-3
443/tcp open https
3306/tcp open mysql
open. How can I close ports 111 and 859? They are not enabled in
/etc/services Thanks, J. Paul Bruns-Bielkowicz http://www.america.prv.pl
Reply to: