Rob Hudson wrote:
I ran nmap on a server of mine and found a few open that I'd rather not be open (the ones with "filtered" in the list)... How can I shut those down in Gentoo?
22/tcp open ssh 25/tcp open smtp 80/tcp open http 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 993/tcp open imaps 4444/tcp filtered krb524
On the box in question, run "netstat -pant" to find out what program has each one opened. The name of the program is at the far right. Then use rc-update to disable each service. And then stop the service by typing "/etc/init.d/<servicename> stop".
When I run "netstat -pant", I do not see the opened ports, only 22, 25, 80, and 993. Which makes me think "filtered" means something. According to the nmap manpage, "Filtered means that a firewall, filter, or other network obstacle is covering the port and preventing nmap from determining whether the port is open." I haven't yet set up a firewall so it's not that.
When I ran nmap, I ran it thusly, "nmap -sS domain.com". I could try it again and ask for a full TCP connect and see what it reports.
I don't see any inet or xinet in my /etc directory. Does Gentoo put those somewhere else or not use it?
Thanks, Rob _______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
