Re: Port 123 and ipv6
On 28/01/14 18:00, lina wrote:
>>> I read something online, and wonder:
>>> 1] shall I close the port 123
>>
>> Probably you should, unless you're providing ntp to some other hosts.s
>
> I have disabled the ntp. Here is other two things:
>
> 1] about port 631, can I turn it off? since I only print very
> occasionally, I don't know the real purpose of cupsd;
CUPS daemon is part of your printing support
>
> 2] I don't know why the dhclient occupy several ports to listen, and
> what's a little annoying is that seems my IP address barely changed even
> I reboot after one night.
>
>
> # netstat -nltup
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 127.0.0.1:631 0.0.0.0:*
> LISTEN 3288/cupsd
> tcp 0 0 127.0.0.1:25 0.0.0.0:*
> LISTEN 3776/exim4
> tcp 0 0 127.0.0.1:2628 0.0.0.0:*
> LISTEN 3268/0
> tcp6 0 0 ::1:631 :::*
> LISTEN 3288/cupsd
> tcp6 0 0 :::143 :::*
> LISTEN 2731/couriertcpd
> udp 0 0 0.0.0.0:68 0.0.0.0:*
> 3690/dhclient
> udp 0 0 0.0.0.0:68 0.0.0.0:*
> 3396/dhclient
> udp 0 0 0.0.0.0:68 0.0.0.0:*
> 3158/dhclient
> udp 0 0 0.0.0.0:47447 0.0.0.0:*
> 3396/dhclient
> udp 0 0 0.0.0.0:56026 0.0.0.0:*
> 3690/dhclient
> udp 0 0 0.0.0.0:57235 0.0.0.0:*
> 3158/dhclient
> udp6 0 0 :::21529 :::*
> 3158/dhclient
> udp6 0 0 :::56026 :::*
> 3396/dhclient
> udp6 0 0 :::27602 :::*
> 3690/dhclient
>
>
>>
>>> 2] disable ipv6
>>
>> Is there something malfunctioning on this host? Or is there any service
>> that misbehaves with ipv6?
>
> I read something online earlier,
> "Currently there are no comfortable tools out which are able to check a
> system over network for IPv6 security issues. Neither Nessus nor any
> commercial security scanner is as far as I know able to scan IPv6
> addresses." (from
> http://mirrors.deepspace6.net/Linux+IPv6-HOWTO/ipv6-security-auditing.html)
Keyword "commercial". And I still don't believe that information is
correct. IPV6 security testing is very well supported by Open Source tools
Try wireshark, the better, Open Source, version of Nessus:-
# apt-get install wireshark
Also take a look at TCH-IPv6:-
https://www.thc.org/thc-ipv6/
IPV6ToolKit:-
http://www.si6networks.com/tools/ipv6toolkit/
And for firewall testing, ft6:-
https://redmine.cs.uni-potsdam.de/projects/ft6/wiki
The latter is part of the IPv6 Intrusion Detection System Project:-
http://www.idsv6.de/en/index.html
>
>>
>> Reco
>>
>>
>
>
Kind regards
Reply to: