[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Blocking 445 IP port

On Thu, Jul 21, 2016 at 01:09:36AM +0000, Thiago Zoroastro wrote:
> Could I to know what the package that's installed and opening this IP port
> opened?

You can find out using netstat or ss.

```
% sudo netstat -antp | grep 445
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      7869/smbd
tcp6       0      0 :::445                  :::*                    LISTEN      7869/smbd

% sudo ss -antp | grep 445
LISTEN     0      50           *:445                      *:*                   users:(("smbd",pid=7869,fd=37))
LISTEN     0      50          :::445                     :::*                   users:(("smbd",pid=7869,fd=35))
```

On my machine, smbd (Samba) is listening on TCP port 445

> I realized that my Debian systems are with 445's IP ports opened. How I could
> to block permanently this and any other IP port when I wish?

I'm a bit fuzzy on enabling/disabling services in light of the move to systemd.
I don't think smbd is handled by systemd yet so you can't use systemctl to
disable it (hopefully someone will correct me if I'm wrong). You can prevent
smbd from starting on boot using update-rc.d

```
% sudo update-rc.d smbd disable
insserv: warning: current start runlevel(s) (empty) of script `smbd' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `smbd' overrides LSB defaults (0 1 6).
```

-- 
Justin
Reply to: