[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: laptop protection in an office network

On Sat, August 29, 2015 3:56 pm, tomas@tuxteam.de wrote:
>> tcp  0   0    0.0.0.0:9999            0.0.0.0:*  LIS  561/inetd
>
> As others noted: what's inetd doing on 9999? Do have a look at
> its config files (somewhere in /etc/inetd.conf).

As I noted previously, port 9999 is the approx server; there is a line for
it in /etc/inetd.conf:

#:OTHER: Other services
9999 stream tcp	nowait	approx	/usr/sbin/approx /usr/sbin/approx



>> tcp  0   0    0.0.0.0:22              0.0.0.0:*  LIS  568/sshd
>
> Common wisdom is to keep that (but to secure it properly, by disabling
> root logins and possibly passwrd logins). Perhaps you can ssh into your
> laptop should the UI become unresponsive for some reason (e.g. X botches
> the graphics card but you still have some running programs you'd want to
> finalize in an orderly mode).

On the desktop, I do use "screen" over ssh to access another desktop, but
I can do without ssh access to the laptop.



>> tcp  0   0    127.0.0.1:631           0.0.0.0:*  LIS  1248/cupsd
>
> Are you using your laptop as a print server? If not, the cups-client
> package might be enough.

Then should I unistall the cups-daemon and cups-server-common packages?



>> tcp  0   0    127.0.0.1:5432          0.0.0.0:*  LIS  675/postgres tcp
>> 0   0    127.0.0.1:25            0.0.0.0:*  LIS  1063/exim4
>
> Database server, mail server. What are they doing? For postgres,
> you could configure it to just serve over an UNIX domain socket, if the
> only applications around connect locally. Your call. For exim4 (mail
> server)... depends on your mail setup.

I thought that I had left mail unconfigured, but perhaps not.



>> tcp  0   0    127.0.0.1:2628          0.0.0.0:*  LIS  599/0
>
> Uh -- what is *this*? A process called "0"? Looks really strange
> to me.

2628 turns out to be the port for the dictionary server; I am using
localhost as the server.



>> udp  0   0    192.168.1.99:123        0.0.0.0:*       664/ntpd udp  0
>> 0    127.0.0.1:123           0.0.0.0:*       664/ntpd udp  0   0
>> 0.0.0.0:123             0.0.0.0:*       664/ntpd
>>
>
> Providing time services?

No.  I simply was trying to make the laptop synchronize its clock whenever
it connects to the Internet.  It appears that the package ntpdate is
adequate for a laptop, and that is the package I should have installed;
but I installed package ntp, which obviates the need for ntpdate.



> I'd disable/uninstall many of those. OTOH, you might need them in other
> settings, so firewalling them out might be the right choice (and a chance
> to learn iptables :-)



At this point, I think that I should make a fresh installation, keeping in
mind the comments which you and others have made.

RLH
Reply to: