Re: What services are using these ports?

To: Marc Shapiro <mshapiro@inetone.net>
Cc: debian-user@lists.debian.org
Subject: Re: What services are using these ports?
From: Osamu Aoki <debian@aokiconsulting.com>
Date: Sat, 19 Oct 2002 08:00:03 -0700
Message-id: <[🔎] 20021019150003.GA22096@aokiconsulting.com>
Mail-followup-to: Marc Shapiro <mshapiro@inetone.net>, debian-user@lists.debian.org
In-reply-to: <[🔎] 3DACD9FA.9914494A@inetone.net>
References: <[🔎] 3DACD9FA.9914494A@inetone.net>

On Tue, Oct 15, 2002 at 11:16:10PM -0400, Marc Shapiro wrote:
> I am trying to set up a linux server on the college campus that I
> attend.  
...
> This is probably enough to eventually make the sysadmin happy, but
> there are a number of ports which are active that we are not sure what
> is listening to them.  Below is a list of ports (from before I did my
> deletes) and what the sysadmin's resources say they are:
Other posts answerd about which port to close.  So I will focus one how
it shall be closed.  (Stopping daemon is not the only way, you can
close them by kernel packet filtering.)

> 	  22    SSH                     OK
This is good secure protocol to access your machine remotely.  If
university does not allow you to use this port, you have 2 choices.

1) Run SSH on another port (23, 8080, ...) which you do not use run SSH but
   university network allow you to use.  So it will not be used. (hide
   by moving port)
2) Set-up iptables(ipchains) firewall to allow SSH from locations where
   you want to access your machine and while packet from University IT 
   admin's IP address are dropped.  (hide by source IP)

> 	  23	telnet			OK
This is insecure protocol.  Password is plain text.  I you still insist
not to use SSH instead, keep it up for remote access.

> 	  25	smtp			I dont have smtpd running and do
How about exim.  If you set up LAN behind your machine, you may need it.
Easiest way to comply with University policy is block its port from
outside (DROP packets) using iptables(ipchains) firewall.

For easiest iptables(ipchains) firewall, check out "ipmasq" and add
strong(copy from /usr/share/doc/ipmasq and edit it).  My doc below may
have some more hints.

Cheers :)
-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
        Osamu Aoki @ Cupertino CA USA, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://www.debian.org/doc/manuals/reference/ also http://qref.sf.net
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract

Reply to:

References:
- What services are using these ports?
  - From: Marc Shapiro <mshapiro@inetone.net>

Prev by Date: Re: can't install blackdown java
Next by Date: Anti-virus for Linux at an ISP
Previous by thread: Re: What services are using these ports?
Next by thread: Bits from the uw-imap maintainer
Index(es):
- Date
- Thread