Re: Open ports

To: Bill <bill3@uniserve.com>, Debian User ML <debian-user@lists.debian.org>
Subject: Re: Open ports
From: Christian Seiler <christian@iwakd.de>
Date: Sat, 09 May 2015 13:50:37 +0200
Message-id: <[🔎] 554DF48D.9090902@iwakd.de>
In-reply-to: <[🔎] 554DEEAB.8000609@uniserve.com>
References: <[🔎] 554DEEAB.8000609@uniserve.com>

On 05/09/2015 01:25 PM, Bill wrote:
> I'm still running wheezy but noticed a couple of open ports the other
> day. This is just a simple laptop - no nfs access needed, no need for a
> networked port mapper, and certainly not a dns server.
> 
> So why are they there,

Well, Debian's policy for daemons generally is that if they are
installed, they are enabled by default.

> what uses them and why shouldn't I close them?
> (I'm assuming there must be a good reason to have wide open ports.)
>>># netstat -nplt
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address State      
> PID/Program name
> tcp        0      0 0.0.0.0:111             0.0.0.0:* LISTEN     
> 1904/rpcbind
> tcp        0      0 0.0.0.0:51062           0.0.0.0:* LISTEN     
> 1935/rpc.statd

rpc.statd will be started unless you set NEED_STATD=no in
/etc/default/nfs-common. Since you said you don't use NFSv3, you can
safely do that.

rpcbind is started from /etc/init.d/rpcbind. If you don't use NFS or NIS
at all, you don't need to have that running. To disable it under Wheezy,
use:

update-rc.d rpcbind disable

After that, it won't be started anymore at boot.

Christian

Reply to:

Follow-Ups:
- Re: Open ports
  - From: Bob Proulx <bob@proulx.com>

References:
- Open ports
  - From: Bill <bill3@uniserve.com>

Prev by Date: Open ports
Next by Date: Re: Default virtualhost on Debian Jessie with Apache 2.4.10
Previous by thread: Open ports
Next by thread: Re: Open ports
Index(es):
- Date
- Thread