RE: Open ports & security
> Port 111 is the portmap daemon, used by NFS and NIS (anything else?).
> It doesn't look like you're using NFS or NIS (if so you'd have other
> ports open) so you can probably shut it off. If you do want to keep it
> on, it might be worth it to use something like ipchains or iptables to
> filter access from the internet. You can also use /etc/hosts.{allow,deny}
> to restrict access to the portmap daemon.
>
> Also, I know of no services that use discard, time, or daytime, so
> there's no reason for them to be on. Of course, there's no *known*
> reason to turn them off, either, but...
Okay, so I have edited my /etc/inetd.conf file to turn off discard, time,
and daytime.
No Problem.
I am not using NFS or NIS, and I have started to hunt down how/where to turn
off portmap.
Hmmm...
I check out things in /etc/init.d. Ahh... mountnfs.sh!
But wait! I read through the script.... It shouldn't be on! There's
nothing to turn it on.
my /etc/fstab:
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options>
<dump> <pass>
/dev/hda1 / ext2 defaults,errors=remount-ro 0
1
/dev/hda3 none swap sw 0
0
proc /proc proc defaults 0
0
/dev/fd0 /floppy auto defaults,user,noauto 0
0
/dev/cdrom /cdrom iso9660 defaults,ro,user,noauto 0
0
/dev/hda2 /var ext2 rw 0
2
/dev/hda5 /usr ext2 rw 0
2
/dev/hda6 /home ext2 rw 0
2
What am I missing? It's potato with a 2.2.15 kernel.
Thanks,
Brooks
Reply to: