[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Newbie - wants to close ports

Commonly fingerd will found inetd.conf and name as in.fingerd..., but there
are some replacement of fingerd examble cfingerd etc. Maybe some of these
variants start from /etc/init.d ?
I recommed you locate this daemon....
Examble this way...
locate fingerd|more this should display all fingerd variants for you...
If you see messages somethink database is over 8 days old..
updatedb ( You must do that root privileges)


----- Original Message -----
From: "Zeno Davatz" <zdavatz@ywesee.com>
To: "Riku Valli" <riku.valli@lanwan.fi>; <debian-security@lists.debian.org>
Sent: Monday, September 30, 2002 11:41 AM
Subject: Re: Newbie - wants to close ports

On 30.9.2002 10:22 Uhr, "Riku Valli" <riku.valli@lanwan.fi> wrote:

> Disable services. Edited /etc/inetd.conf and add # to unwanted service or
> use update-inetd program to complete task. Restart inetd super daemon
> /etc/init.d/inetd restart
Thanks I commented out all services from /etc/inetd.conf that I do not want
- actually now everything has got a #

> stop service ex /etc/init.d/named stop
> /etc/init.d/program_name add beginning of script 'exit 0'  examble of
> (listen 53)
Can you give me an example with 'finger'
> Anyway if you not need service REMOVE IT examble
> apt-get remove program_name These is suitable for most services under
I tried this ie. The finger-package is not on my system but still the finger
port is open. I done apt-get --purge remove finger then I get: no such
package installed..

> Use man/info service_name You will found most of cases more information...
> /usr/share/doc/package_name You will found  package documentation...
Done this as well for tcpmux. I do not have an entry for that service in my
man pages.

> /usr/share/doc/HOWTO/en-txt should be installed your system (Debian3.0)
> firewall and security HOWTOs and check Debians own document
> http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
Thanks for the link. Will read this once again.

> ----- Original Message -----
> From: "Zeno Davatz" <zdavatz@ywesee.com>
> To: <debian-security@lists.debian.org>
> Sent: Monday, September 30, 2002 10:43 AM
> Subject: Newbie - wants to close ports
>> Hi List
>> I am an newbie and done a nmap -v of my local maschine that is supposed
>> be put into the internet after I managed to close all the necessary
>> Can anyone give me a hint how to go about closing all the following port
>> execpt ssh, http, https?
>> Port       State       Service
>> 1/tcp      open        tcpmux
>> 9/tcp      open        discard
>> 11/tcp     open        systat
>> 13/tcp     open        daytime
>> 15/tcp     open        netstat
>> 22/tcp     open        ssh
>> 37/tcp     open        time
>> 53/tcp     open        domain
>> 79/tcp     open        finger
>> 80/tcp     open        http
>> 111/tcp    open        sunrpc
>> 119/tcp    open        nntp
>> 443/tcp    open        https
>> 540/tcp    open        uucp
>> 635/tcp    open        unknown
>> 1080/tcp   open        socks
>> 1524/tcp   open        ingreslock
>> 2000/tcp   open        callbook
>> 5432/tcp   open        postgres
>> 6667/tcp   open        irc
>> 12345/tcp  open        NetBus
>> 12346/tcp  open        NetBus
>> 27665/tcp  open        Trinoo_Master
>> 31337/tcp  open        Elite
>> 32771/tcp  open        sometimes-rpc5
>> 32772/tcp  open        sometimes-rpc7
>> 32773/tcp  open        sometimes-rpc9
>> 32774/tcp  open        sometimes-rpc11
>> 54320/tcp  open        bo2k
>> Many thanks in advance for your help.
>> Kind regards
>> Zeno
>> --
>> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org

Mit freundlichen Grüssen / best regards

Zeno Davatz
Strategie & Akquisition

+41 1 350 85 86

www.ywesee.com > intellectual capital connected > www.generika.cc

Reply to: