Re: Newbie - wants to close ports
On 30.9.2002 10:22 Uhr, "Riku Valli" <riku.valli@lanwan.fi> wrote:
> Disable services. Edited /etc/inetd.conf and add # to unwanted service or
> use update-inetd program to complete task. Restart inetd super daemon
> /etc/init.d/inetd restart
Thanks I commented out all services from /etc/inetd.conf that I do not want
- actually now everything has got a #
> stop service ex /etc/init.d/named stop
> /etc/init.d/program_name add beginning of script 'exit 0' examble of named
> (listen 53)
Can you give me an example with 'finger'
>
> Anyway if you not need service REMOVE IT examble
> apt-get remove program_name These is suitable for most services under init.d
I tried this ie. The finger-package is not on my system but still the finger
port is open. I done apt-get --purge remove finger then I get: no such
package installed..
> Use man/info service_name You will found most of cases more information...
> /usr/share/doc/package_name You will found package documentation...
Done this as well for tcpmux. I do not have an entry for that service in my
man pages.
> /usr/share/doc/HOWTO/en-txt should be installed your system (Debian3.0) read
> firewall and security HOWTOs and check Debians own document
> http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
Thanks for the link. Will read this once again.
Zeno
> ----- Original Message -----
> From: "Zeno Davatz" <zdavatz@ywesee.com>
> To: <debian-security@lists.debian.org>
> Sent: Monday, September 30, 2002 10:43 AM
> Subject: Newbie - wants to close ports
>
>
>> Hi List
>>
>> I am an newbie and done a nmap -v of my local maschine that is supposed to
>> be put into the internet after I managed to close all the necessary ports.
>> Can anyone give me a hint how to go about closing all the following port
>> execpt ssh, http, https?
>>
>> Port State Service
>> 1/tcp open tcpmux
>> 9/tcp open discard
>> 11/tcp open systat
>> 13/tcp open daytime
>> 15/tcp open netstat
>> 22/tcp open ssh
>> 37/tcp open time
>> 53/tcp open domain
>> 79/tcp open finger
>> 80/tcp open http
>> 111/tcp open sunrpc
>> 119/tcp open nntp
>> 443/tcp open https
>> 540/tcp open uucp
>> 635/tcp open unknown
>> 1080/tcp open socks
>> 1524/tcp open ingreslock
>> 2000/tcp open callbook
>> 5432/tcp open postgres
>> 6667/tcp open irc
>> 12345/tcp open NetBus
>> 12346/tcp open NetBus
>> 27665/tcp open Trinoo_Master
>> 31337/tcp open Elite
>> 32771/tcp open sometimes-rpc5
>> 32772/tcp open sometimes-rpc7
>> 32773/tcp open sometimes-rpc9
>> 32774/tcp open sometimes-rpc11
>> 54320/tcp open bo2k
>>
>> Many thanks in advance for your help.
>>
>> Kind regards
>> Zeno
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>>
>>
>
>
--
Mit freundlichen Grüssen / best regards
Zeno Davatz
Strategie & Akquisition
+41 1 350 85 86
www.ywesee.com > intellectual capital connected > www.generika.cc
Reply to: