Re: What services are using these ports?

To: debian-user@lists.debian.org
Subject: Re: What services are using these ports?
From: Edward Guldemond <thedebategod@yifan.net>
Date: Tue, 15 Oct 2002 23:32:00 -0400
Message-id: <[🔎] 20021016033200.GB4310@yifan.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 3DACD9FA.9914494A@inetone.net>
References: <[🔎] 3DACD9FA.9914494A@inetone.net>

On Tue, Oct 15, 2002 at 11:16:10PM -0400, Marc Shapiro wrote:
> 	Port	Service			Comments
> 	----	----------------	--------------------------------
> 	   9	discard			What is this?

Standard TCP service from inetd.  It can be disabled by "update-inetd
--disable discard"

> 	  13	daytime			What is this?

Standard TCP service from inetd.  It can be disabled by "update-inetd
--disable daytime"

> 	  21	ftp			OK

This is the FTP port.  If you want to get rid of it, uninstall any ftpd
you might have.  If you have no such daemon installed, then try
"update-inetd --disable ftp"

> 	  22	unassigned		Is this talkd?

This would be SSH, as far as I know.  I would keep this as it's good for
remote login...better than telnet as a matter of fact because it's
encrypted, and I don't know what kind of lusers you have on your college
campus.

> 	  23	telnet			OK
> 	  25	smtp			I dont have smtpd running and do
> 					not plan to set up a mail server.
> 					Is this exim listening here?

Exim is listening here.  You can make it stop by putting this in your
exim.conf file:
local_interfaces = 127.0.0.1
As that file says, "# This will cause exim to accept mail only from the
local (network) interface"

> 	  37	time			This should stay?

Another standard TCP service.  Disable by "update-inetd --disable time"

> 	  79	finger			This is gone, already.
> 	 111	sun RPC			portmapper?  Do I need this?

Unless you're sharing NFS shares, you really don't need portmapper.  I
would remove it.

> 	 113	authentication		What is this?

This is auth, the auth daemon.  This usually is not exploitable.  I have
nullidentd installed myself, because sometimes it's required to connect
to SMTP servers or IRC servers.

> 	 515	printer			No printer currently attatched,
> 					but not a problem.

May I suggest that you read the Securing Debian Guide at
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html .
Everything I told you in this section is listed in there.

Happy to help,

-- 
------------------------------------------
Edward Guldemond

Key fingerprint:  29FF 2969 A04E F934 3F03  
                  4329 BC56 3AA7 2F57 6735

Attachment: pgp9PvrAec7KE.pgp
Description: PGP signature

Reply to:

References:
- What services are using these ports?
  - From: Marc Shapiro <mshapiro@inetone.net>

Prev by Date: Re: Starting X on second screen
Next by Date: RE: gdm, log in as root?
Previous by thread: Re: What services are using these ports?
Next by thread: Re: What services are using these ports?
Index(es):
- Date
- Thread