Re: Newbie - wants to close ports
Hi
Commonly fingerd will found inetd.conf and name as in.fingerd..., but there
are some replacement of fingerd examble cfingerd etc. Maybe some of these
variants start from /etc/init.d ?
I recommed you locate this daemon....
Examble this way...
locate fingerd|more this should display all fingerd variants for you...
If you see messages somethink database is over 8 days old..
updatedb ( You must do that root privileges)
Riku
----- Original Message -----
From: "Zeno Davatz" <zdavatz@ywesee.com>
To: "Riku Valli" <riku.valli@lanwan.fi>; <debian-security@lists.debian.org>
Sent: Monday, September 30, 2002 11:41 AM
Subject: Re: Newbie - wants to close ports
On 30.9.2002 10:22 Uhr, "Riku Valli" <riku.valli@lanwan.fi> wrote:
> Disable services. Edited /etc/inetd.conf and add # to unwanted service or
> use update-inetd program to complete task. Restart inetd super daemon
> /etc/init.d/inetd restart
Thanks I commented out all services from /etc/inetd.conf that I do not want
- actually now everything has got a #
> stop service ex /etc/init.d/named stop
> /etc/init.d/program_name add beginning of script 'exit 0' examble of
named
> (listen 53)
Can you give me an example with 'finger'
>
> Anyway if you not need service REMOVE IT examble
> apt-get remove program_name These is suitable for most services under
init.d
I tried this ie. The finger-package is not on my system but still the finger
port is open. I done apt-get --purge remove finger then I get: no such
package installed..
> Use man/info service_name You will found most of cases more information...
> /usr/share/doc/package_name You will found package documentation...
Done this as well for tcpmux. I do not have an entry for that service in my
man pages.
> /usr/share/doc/HOWTO/en-txt should be installed your system (Debian3.0)
read
> firewall and security HOWTOs and check Debians own document
> http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
Thanks for the link. Will read this once again.
Zeno
> ----- Original Message -----
> From: "Zeno Davatz" <zdavatz@ywesee.com>
> To: <debian-security@lists.debian.org>
> Sent: Monday, September 30, 2002 10:43 AM
> Subject: Newbie - wants to close ports
>
>
>> Hi List
>>
>> I am an newbie and done a nmap -v of my local maschine that is supposed
to
>> be put into the internet after I managed to close all the necessary
ports.
>> Can anyone give me a hint how to go about closing all the following port
>> execpt ssh, http, https?
>>
>> Port State Service
>> 1/tcp open tcpmux
>> 9/tcp open discard
>> 11/tcp open systat
>> 13/tcp open daytime
>> 15/tcp open netstat
>> 22/tcp open ssh
>> 37/tcp open time
>> 53/tcp open domain
>> 79/tcp open finger
>> 80/tcp open http
>> 111/tcp open sunrpc
>> 119/tcp open nntp
>> 443/tcp open https
>> 540/tcp open uucp
>> 635/tcp open unknown
>> 1080/tcp open socks
>> 1524/tcp open ingreslock
>> 2000/tcp open callbook
>> 5432/tcp open postgres
>> 6667/tcp open irc
>> 12345/tcp open NetBus
>> 12346/tcp open NetBus
>> 27665/tcp open Trinoo_Master
>> 31337/tcp open Elite
>> 32771/tcp open sometimes-rpc5
>> 32772/tcp open sometimes-rpc7
>> 32773/tcp open sometimes-rpc9
>> 32774/tcp open sometimes-rpc11
>> 54320/tcp open bo2k
>>
>> Many thanks in advance for your help.
>>
>> Kind regards
>> Zeno
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>>
>>
>
>
--
Mit freundlichen Grüssen / best regards
Zeno Davatz
Strategie & Akquisition
+41 1 350 85 86
www.ywesee.com > intellectual capital connected > www.generika.cc
Reply to: