Christian Seiler wrote:
Bill wrote:
what uses them and why shouldn't I close them?
(I'm assuming there must be a good reason to have wide open ports.)
It is debatable whether the old Sun RPC services should be installed
by default. I do use and manage NFS but I wouldn't install
Hi,
I'm still running wheezy but noticed a couple of open ports the other
day. This is just a simple laptop - no nfs access needed, no need for a
networked port mapper, and certainly not a dns server.
So why are they there, what uses them and why shouldn't I close them?
(I'm assuming
On 05/09/2015 01:25 PM, Bill wrote:
I'm still running wheezy but noticed a couple of open ports the other
day. This is just a simple laptop - no nfs access needed, no need for a
networked port mapper, and certainly not a dns server.
So why are they there,
Well, Debian's policy for daemons
Howdy,
On Mon, Jul 23, 2012 at 01:21:55PM -0500, Charles Kroeger wrote:
I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
cover any attempts of intrusion that may occur, I do notice notwithstanding,
that
although ports 0 and 1 are closed, they still show up on
I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
cover any attempts of intrusion that may occur, I do notice notwithstanding,
that
although ports 0 and 1 are closed, they still show up on test like grc.com's
'shields-up' port scanner.
I know that 0 nil is not a port
Charles Kroeger wrote:
I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
cover any attempts of intrusion that may occur, I do notice notwithstanding,
that
although ports 0 and 1 are closed, they still show up on test like grc.com's
'shields-up' port scanner.
I
Try probing your system with nmap and see what it
says.
nmap localhost
Thanks for this information, I didn't have nmap installed..however after I did
install nmap I received this:
/charles# nmap localhost
Starting Nmap 6.00 ( http://nmap.org ) at 2012-07-23 22:30 CDT
Nmap scan report for
Charles Kroeger wrote:
PORT STATE SERVICE
25/tcp open smtp
53/tcp open domain
111/tcp open rpcbind
631/tcp open ipp
6566/tcp open sane-port
That seems pretty reasonable. Except if you aren't using NFS and
don't need the portmapper (rpcbind) then I would uninstall it.
0/tcp
On Mon, Aug 29, 2011 at 02:46:52PM +0200, yudi v wrote:
Probably portmap...
See if it's installed
$ dpkg --get-selections portmap
If it is, and it bothers you, it can be removed - check and see if
anything
uses it:-
# apt-get -s remove portmap | less
The following packages will be REMOVED:
cifs-utils libnfsidmap2 nfs-common nfs-kernel-server samba samba-common
samba-common-bin samba-doc smbclient smbfs swat winbind
0 upgraded, 0 newly installed, 12 to remove and 4 not upgraded.
Remv smbfs [2:4.5-2]
Remv cifs-utils [2:4.5-2]
Remv
On 29/08/11 18:35, yudi v wrote:
snipped
I purged the above files but still have� the following service running.
111/tcp open� rpcbind
--
Kind regards,
Yudi
Probably portmap...
See if it's installed
$ dpkg --get-selections portmap
If it is, and it bothers you, it can be removed -
Probably portmap...
See if it's installed
$ dpkg --get-selections portmap
If it is, and it bothers you, it can be removed - check and see if anything
uses it:-
# apt-get -s remove portmap | less
If it's the only package to be removed:-
# apt-get --purge remove portmap
Check your
I use postpaid mobile broadband and my IP is both the system address and
the gateway. There is no NAT with postpaid service, it's only available
with prepaid in Australia. Not sure why.
Not sure what you mean there I suspect you mean only postpaid allow a
static IP address (for some
On 28/08/11 18:37, yudi v wrote:
snipped
my system IP for ppp0 is 101.***.***.*** and it's not static.
but from what I can remember all postpaid accounts in Australia have
10.***.***.*** addresses and are behind NAT.
I've yet to see any (non-SLA business class) USB UMTS modems by any
http://myip.dk/ will give you the remote access address. Just ssh to the
displayed address. I'd suggest you try - it's easier than just believing
everything you read on whirlpool. The signal to noise ratio there can be
bad. Exetel have good tech support - Vodaphail don't even know where their
# apt-get --purge remove libnfsidmap2 nfs-common samba
if you don't use samba at all (cifs-utils samba samba-common
samba-common-bin smbfs) then change samba to samba*
I'd suggest using -s instead of --purge first - just in case samba was
originally pulled in by another package which you
Nmap suggests the following ports are open:
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
901/tcp open samba-swat
2049/tcp open nfs
I run a desktop email client that uses smtp apart from that I do not know
why rest of the
Ports 139, 445 and 901 are samba running. Port 631 is cups, your printer
driver. 111 and 2049 are for NFS. If you don't need them, you should be
able to turn them off...If you do need it, then you should be able to
firewall it, using iptables to limit access to the hosts or subnets you
need.
On
interfaces. Most services can be configured to listen only to some
interfaces, and many only need to use localhost, so they can be closed
off from outside access. The open ports you need depend on what local
networking you do.
There's more, of course, but it's a lifetime study. Others will no
doubt
On 8/27/2011 11:38 AM, Brad Alexander wrote:
Ports 139, 445 and 901 are samba running. Port 631 is cups, your printer
driver. 111 and 2049 are for NFS. If you don't need them, you should be
able to turn them off...If you do need it, then you should be able to
firewall it, using iptables to
On Sun 28 Aug 2011 at 01:05:47 +1000, yudi v wrote:
Nmap suggests the following ports are open:
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
901/tcp open samba-swat
2049/tcp open nfs
I run a desktop email
On Sat 27 Aug 2011 at 17:16:16 +0100, Joe wrote:
On Sun, 28 Aug 2011 01:05:47 +1000
yudi v yudi@gmail.com wrote:
how can I find out if this system has been compromised?
You can try chkrootkit and rkhunter, but the latter at least works
A natural history expedition searching for
On 08/27/2011 02:43 PM, Brian wrote:
A natural history expedition searching for unicorns and dodos would have
as much success as these two programs are likely to have.
I was once on a natural history expedition. We found no unicorns, but we
did find dodos. We weren't looking for them, but
Hi,
ipp is CUPS, the network printing server, and you know whether you need
that.
Now that you mention it... I also see cups listening on all devices:
$ sudo netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
On Sat, Aug 27, 2011 at 5:05 PM, yudi v yudi@gmail.com wrote:
Nmap suggests the following ports are open:
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
901/tcp open samba-swat
2049/tcp open nfs
Which nmap
Just to clarify my post.
This is a new install and I was a bit careless while installing. It has no
data on it. I was more concerned with LUKS+LVM working at install. I did not
realize I selected to install SSH, I do not use Samba or NFS not sure how
those got installed. Again it might have been
On 28/08/11 11:39, yudi v wrote:
Just to clarify my post.
This is a new install and I was a bit careless while installing. It has
no data on it. I was more concerned with LUKS+LVM working at install. I
did not realize I selected to install SSH, I do not use Samba or NFS not
sure how those got
try command nmap ip_address
On Thu, 2006-02-23 at 00:12 +, Oliver Lupton wrote:
On Wed, 22 Feb 2006 17:31:49 -0500
Stephen R Laniel [EMAIL PROTECTED] wrote:
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
My router/firewall blocks all ports, including those over 1023
:
hi all,
i am now behind a firewall [at dormitory], and i want to check open ports.
is there a handy program that does this job for me ;)
nmap will do it if you know your IP address and can run nmap from another
network.
BTW, attempting to breach your university's security measure probably
Oliver Lupton wrote:
On Wed, 22 Feb 2006 17:31:49 -0500
Stephen R Laniel [EMAIL PROTECTED] wrote:
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
My router/firewall blocks all ports, including those over 1023 (1024?)
I assume you mean that your router *can*, not that it
hi all,i am now behind a firewall [at dormitory], and i want to check open ports. is there a handy program that does this job for me ;)want to find an open port for apache to run. because 80. port blocked to people outside the dorm.
i both need an openport seeker program and info if apache
On Wed, Feb 22, 2006 at 11:18:41PM +0200, Mehmet Fatih Akbulut wrote:
i am now behind a firewall [at dormitory], and i want to check open ports.
is there a handy program that does this job for me ;)
want to find an open port for apache to run.
because 80. port blocked to people outside
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
My router/firewall blocks all ports, including those over 1023 (1024?)
I assume you mean that your router *can*, not that it
necessarily does. It seems like it would be awfully
inconvenient to block all such ports, given that
On Wed, 22 Feb 2006 16:24:54 -0500
Stephen R Laniel [EMAIL PROTECTED] wrote:
it's not going to tell you that ports 8080 and above are
open, because they always are.
My router/firewall blocks all ports, including those over 1023 (1024?)
Cheers,
-ol
--
I will live forever, or die trying.
On Wednesday 22 February 2006 13:18, Mehmet Fatih Akbulut wrote:
hi all,
i am now behind a firewall [at dormitory], and i want to check open ports.
is there a handy program that does this job for me ;)
nmap will do it if you know your IP address and can run nmap from another
network.
BTW
On Wed, 2006-02-22 at 16:24 -0500, Stephen R Laniel wrote:
On Wed, Feb 22, 2006 at 11:18:41PM +0200, Mehmet Fatih Akbulut wrote:
i am now behind a firewall [at dormitory], and i want to check open ports.
is there a handy program that does this job for me ;)
want to find an open port
On Wed, 22 Feb 2006 17:31:49 -0500
Stephen R Laniel [EMAIL PROTECTED] wrote:
On Wed, Feb 22, 2006 at 10:26:05PM +, Oliver Lupton wrote:
My router/firewall blocks all ports, including those over 1023 (1024?)
I assume you mean that your router *can*, not that it
necessarily does. It
Hi Rutger,
PORTSTATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
113/tcp open auth
903/tcp open iss-console-mgr
Before starting nmap, use netstat.
You can find out which program uses which port with
netstat -tulpen
for your internet
Hello,
I administer a debian installation that is connected to the Internet.
When I run nmap, I found the following:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-23 00:29 CET
Interesting ports on xx
(The 1657 ports scanned but not shown below are in state: closed)
On Wed, 23 Nov 2005 00:54:13 +0100
Rutger Wessels [EMAIL PROTECTED] wrote:
113/tcp open auth
That's an 'ident' daemon I believe. _very_ primitive security, some braindead
IRC networks require it to be running and doubtlessly other things will require
it too.
HTH
-ol
--
I will live
On 00:54 Wed 23 Nov , Rutger Wessels wrote:
Hello,
I administer a debian installation that is connected to the Internet.
When I run nmap, I found the following:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-23 00:29 CET
Interesting ports on xx
(The 1657 ports
port 111 will be used by rpc processes like NIS and NFS.
port 113 is identd, used to identify the owner of a connection.
port 903... I'm not sure.
If you box is up on the world. I would suggest making a iptables(or
equivilent) script that will block all but the wanted ports.
IE, having
On Thu, 19 Aug 2004 19:44:06 -0600, Dana J. Laude [EMAIL PROTECTED] wrote:
Or better yet, Jon should checkout the following link:
http://www.debian.org/doc/user-manuals#securing
The harden-doc is outdated except on unstable, so you're better
off reading the online version at the above page.
On Tuesday 21 September 2004 11:57, Tom Allison wrote:
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself -
its time to consider the possibility your machine has been
compromised.
On Tuesday 21 September 2004 04:57, Tom Allison wrote:
At the risk of provoking the usual WELL GO RUN WINDOWS THEN!!!
knee-jerk reaction, I will mention that the Gatesware-based firewall
packages (like Zone Alarm) will detect *outgoing* connection attempts
and query whether they are
Tom Allison wrote:
More importantly today is to understand how 99.9% of the virus and
malware is transmitted today. It's not through unfiltered ports and
such as described in your original email, but through the email
mechanism (or http) itself. And while I don't have any hard numbers at
my
On Wednesday September 22 at 02:36pm
Dave Howorth [EMAIL PROTECTED] wrote:
Tom Allison wrote:
More importantly today is to understand how 99.9% of the virus and
malware is transmitted today. It's not through unfiltered ports and
such as described in your original email, but through the
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
So what are exactly are you worried about? A program uploading
sensitive data to a random server? Well the easiest way for a program
to do that is to invoke sendmail to e-mail the information to the
server. In which case the program never attempts to open a port, your
m-t-a does. Your
2004 9:07 a.m.
To: [EMAIL PROTECTED]
Subject: Re: All these open ports
So what are exactly are you worried about? A program uploading
sensitive data to a random server? Well the easiest way for a program
to do that is to invoke sendmail to e-mail the information to the
server. In which
On Mon, 23 Aug 2004 13:05:00 +0800, Katipo [EMAIL PROTECTED]
said:
In any case, I've as yet been unable to find any way of getting
detection and authorization of outgoing requests with any
of the Linux firewalls, or with IPtables - although I can hardly say
that
I've thoroughly done my
[EMAIL PROTECTED] wrote:
On Mon, 23 Aug 2004 13:05:00 +0800, Katipo [EMAIL PROTECTED]
said:
In any case, I've as yet been unable to find any way of getting
detection and authorization of outgoing requests with any
of the Linux firewalls, or with IPtables - although I can hardly say
that
I've
ShieldsUP! isn't a firewall, it's just a service which port scans you and
tells you the results.
Mezig said:
[EMAIL PROTECTED] wrote:
For a fast but supposed secure FW, can't you use 'ShieldUP' from the site :
http://www.grc.com/ ? It close all the ports under nux and win-sheet too
:(! and
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
At the risk of provoking the usual
You could get something close to Zone Alarm (minus the application
permissions stuff) with a very short iptables script which set the
policies for INPUT and FORWARD to DROP, and OUTPUT to ACCEPT, and adding
a couple of rules for allowing related and established connections on
the INPUT
[EMAIL PROTECTED] wrote:
If a port is open, and associated with a program which isn't from a
debian package and you don't believe you put it there yourself - its
time to consider the possibility your machine has been compromised.
Okay... that gives me an opening to try this again.
snip
In
. This should do (at least)
discard, echo, daytime.
Then, determine which programs are responsible for the remaining open
ports. Stop them from running and prevent them from starting by
default if necessary. How to do this varies on an
application-to-application basis; but can probably be forced by
removing
[EMAIL PROTECTED] wrote:
...
Thus far, I haven't been able to find anything that provides
canned-up functionality of the nature of the Windows Zone Alarm,
although I can probably overcome that by iptables scripting,
whereas with the Windows firewalls you get whatever is there
and have to
Generally speaking, to close a port, you shut down whatever deamon is
listening on it. For example, if you had port 80 open, and want to
close it, shut down your web server (apache or whatever else).
Same with ssh - to close that port, shut down sshd.
On Fri, 13 Aug 2004 21:56:17 -0400, Tong
(at least)
discard, echo, daytime.
Then, determine which programs are responsible for the remaining open
ports. Stop them from running and prevent them from starting by
default if necessary. How to do this varies on an
application-to-application basis; but can probably be forced by
removing the package
There are other available packages:
I use FireHOL
I used to use iptables + wondershaper in RH. I notice there are many
ready-made firewall packages available in Debian. I'm wondering which one
is recommended (ease to use/updated frequently, etc)?
So am I, but I don't think this is the right
Hello
Tong ([EMAIL PROTECTED]) wrote:
I've just noticed that my debian testing open many ports by default:
Some of them are opened by inetd. You can use dpkg-reconfigure inetd,
or edit /etc/inetd.conf and comment out the protocols you don't need.
After that, restart inetd.
tcp0
[EMAIL PROTECTED] wrote:
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard
On Fri, 13 Aug 2004 23:55:46 -0600, s. keeling wrote:
Incoming from [EMAIL PROTECTED]:
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
I'm curious which utility produced that listing; I
On Sat, 14 Aug 2004 11:07:58 +0200, Jerome BENOIT wrote:
Buy a firewall or set up iptables.
You can just load the Firestarter package; it will allow you to block
ports (via a generated iptables script).
There are other available packages:
I use FireHOL
I used to use iptables +
Hi,
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard *:*
On Fri, Aug 13, 2004 at 09:56:17PM -0400, Tong wrote:
Hi,
I've just noticed that my debian testing open many ports by default:
Uninstall the respective services. Or, use a firewalling system
(dedicated firewall, iptables, etc...)
To find out what service uses what port:
stefan:~$ sudo
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
tcp0 0 *:time *:* LISTEN
tcp0 0 *:discard *:*
Incoming from [EMAIL PROTECTED]:
I've just noticed that my debian testing open many ports by default:
tcp0 0 *:dict *:* LISTEN
I'm curious which utility produced that listing; I haven't seen lsof
produce that - ?
That would be
On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
I'm working on a web site that includes streamed rich media files. I need
a way to test to see which ports the user can access if they're behind a
firewall. I'm guess that I need to try and send them an object (a picture
maybe?) on
On Friday 28 May 2004 15:59, Emma Jane Hogbin hurled the following on the
wire:
On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
I'm working on a web site that includes streamed rich media files. I
need a way to test to see which ports the user can access if they're
behind a
On Fri, 28 May 2004 09:59:20 -0400
Emma Jane Hogbin [EMAIL PROTECTED] wrote:
On Thu, May 27, 2004 at 10:32:20PM -0700, Alvin Oga wrote:
I'm working on a web site that includes streamed rich media files.
I need a way to test to see which ports the user can access if
they're behind a
On Fri, May 28, 2004 at 07:08:24AM -0700, Alvin Oga wrote:
grab the plug-info from the users browser ( if its setup to tell you )
use nmap or any port scanner to see if you can scan that port you
want on their machine
This is the one I need to know about. Sorry to be so dense, but if I
On Fri, 28 May 2004, Emma Jane Hogbin wrote:
any secure site will only allow port 80 or port 443 for web ...
It's not the server I'm testing, it's the user. Some streaming video
that secure site works both ways ... user or server ..
(RealPlayer) doesn't come through on regular ports so
On Friday 28 May 2004 16:25, Emma Jane Hogbin hurled the following on the
wire:
On Fri, May 28, 2004 at 07:08:24AM -0700, Alvin Oga wrote:
grab the plug-info from the users browser ( if its setup to tell you )
use nmap or any port scanner to see if you can scan that port you
want on
Hi everyone,
I'm working on a web site that includes streamed rich media files. I need
a way to test to see which ports the user can access if they're behind a
firewall. I'm guess that I need to try and send them an object (a picture
maybe?) on one of the ports I need information about and then
into their secure box thru those open ports
- imho, people should download what they want ... not be sent stuff they
dont want .. no clickie, no object to come down the pike
- you know the pic was received ... by looking at your logs
and see that xxx bytes of that file was sent vs aborted
- if they have java
Lo, on Wednesday, June 5, Paul Johnson did write:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
9/tcp opendiscard
Not sure myself...
Standard TCP service; routes everything written to that port to
Hi, I have the following ports open and I am not sure what they are.
Whether or not they are really needed. My other Linux box (rh) doesn't
have these so I am wondering what these are in Debian
9/tcp opendiscard
13/tcp opendaytime
On 5 Jun 2002, tvn1981 wrote:
Hi, I have the following ports open and I am not sure what they are.
Whether or not they are really needed. My other Linux box (rh) doesn't
have these so I am wondering what these are in Debian
9/tcp opendiscard
13/tcp opendaytime
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
9/tcp opendiscard
Not sure myself...
13/tcp opendaytime
37/tcp opentime
On Wednesday 05 June 2002 02:57 pm, Paul Johnson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
9/tcp opendiscard
Not sure myself...
$ cat //etc/services| grep 9/tcp
discard 9/tcp sink null
ben
On Wed, 2002-06-05 at 13:32, tvn1981 wrote:
Hi, I have the following ports open and I am not sure what they are.
Whether or not they are really needed. My other Linux box (rh) doesn't
have these so I am wondering what these are in Debian
9/tcp opendiscard
doing a search for -dport or -sport for source and destination ports
thank you for your reply, but I am not getting much wiser with this
document. I learn by examples. I was thinking about this:
iptables -A INPUT -i eth0 -d 212.127.10.10 -dport 135 -j ACCEPT
iptables -A OUTPUT -i
Under the netfilter model, this is known as DNAT (Destination NAT,
because it is the destination field of incoming packets that is being
rewritten).
you'll want something like the following:
iptables -t nat -A PREROUTING -d $extip -p tcp --dport 135 -j DNAT
--to-destination 192.168.1.1
(also
What file do i need
to edit to close open ports,
ex, port 111 /tcp
sunrpc
515/ tcp printer
2000/ tcp callback
Thanks for your
time
michael
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
What file do i need to edit to close open ports,
ex, port 111 /tcp sunrpc
515/ tcp printer
2000/ tcp callback
Install and configure ipchains. There are various firewall packages that you
can configure
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
What file do i need to edit to close open ports,
ex, port 111 /tcp sunrpc
515/ tcp printer
2000/ tcp callback
Run the command -
# lsof | grep LISTEN
This is another option -
$ less /etc/services | grep
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
What file do i need to edit to close open ports,
ex, port 111 /tcp sunrpc
515/ tcp printer
2000/ tcp callback
Also comment out everything you don't need in -
/etc/inetd.conf
and run -
# /etc/init.d
[mailto:[EMAIL PROTECTED]
Sent: Saturday, April 28, 2001 10:21 PM
To: Michael Earls
Cc: debian-user@lists.debian.org
Subject: Re: closeing open ports
On Sun, Apr 29, 2001 at 01:13:07AM -0700, Michael Earls wrote:
What file do i need to edit to close open ports,
ex, port 111 /tcp sunrpc
On Sun, Apr 29, 2001 at 01:38:33AM -0700, Michael Earls wrote:
What is a good starting point / reference point on ipchains. I have it
installedx but not config. Is there a file that i can edit for ipchains?
I only need 21 ftp 22 ssh 25 smtp 80 http
You may want to open auth too.
Closing
Aoki
Sent: Sunday, April 29, 2001 2:05 AM
To: Michael Earls
Cc: debian-user@lists.debian.org
Subject: Re: closeing open ports
On Sun, Apr 29, 2001 at 01:38:33AM -0700, Michael Earls wrote:
What is a good starting point / reference point on ipchains. I have it
installedx but not config
On Sun, Apr 29, 2001, Michael Earls wrote:
that was great info, but i do not need to masq any ips, i just need to
limit the ports being open, i have edited inetd.conf, but there were some
ports not listed in there. here is a port scan on my box,
Mike,
Hi. I just joined thread so I can't
On Sun, Apr 29, 2001 at 11:38:25AM -0700, Michael Earls wrote:
that was great info, but i do not need to masq any ips, i just need to
limit the ports being open, i have edited inetd.conf, but there were some
ports not listed in there. here is a port scan on my box,
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sunday 29 April 2001 05:13, Michael Earls wrote:
What file do i need to edit to close open ports,
ex, port 111 /tcp sunrpc
515/ tcp printer
2000/ tcp callback
Another usefull thing to do when the port you want
On Sun, Apr 29, 2001 at 04:20:14PM -0300, Rogerio Bastos wrote:
Another usefull thing to do when the port you want to close is not listed on
/etc/services and you don't have a clue of what service is binded to that
port is to run (as root) fuser -a -n proto port, where proto may be tcp, udp
On Sat, Feb 17, 2001 at 11:13:52PM -0500, Glenn Becker wrote:
Interesting ports on localhost (127.0.0.1):
PortState Protocol Service
22 opentcpssh
25 opentcpsmtp
53 opentcpdomain
111
On Sat, Feb 17, 2001 at 10:46:40PM -0800, [EMAIL PROTECTED] wrote:
the best way ive found to disable portmap is to rename /sbin/portmap
to something else. there are so many different things that may call
on it, its just easier for me to rename it then modify a bunch of
just make sure you
All,
I have been trying to secure my Debian box, which enjoys a DSL
connection. I've been going through /etc/inetd.conf, commenting out
services, and K'ing others in the /etc/rc2.d/, until what I have left is
the following (output from nmap):
Interesting ports on localhost (127.0.0.1):
Port
1 - 100 of 119 matches
Mail list logo