On September 21, 2001 03:40 am, you wrote:
> Coming from the BSD world I can say that to "close" a port I would
> simply edit /etc/services and comment out (add a # sign) at the front of
> every line for a port and service I didn't need/want running. Wouldn't
> this work the same in Linux? If not, does anyone know why?

That will work if you are using a super-daemon like inetd or xinetd. However, it won't close the ports that other servers are listening on.

If you have servers running that you only want localhost to have access to, try using iptables to block them. For instance, let's say you have mysql running and you don't want it visible on the network. Then do:

    iptables -A INPUT -p tcp --dport 3306 -s ! 127.0.0.1 -j DROP

This says add (-A) to the INPUT table the rule that if something arrives whose protocol (-p) is tcp and whose destination port (--dport) is 3306 and whose source (-s) IP is not (!) 127.0.0.1, then jump (-j) to the DROP table. Obviously, the DROP table drops the packet on the floor.

-Eric
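An added example, not part of the original e-mail: a shell function that reads listening-socket lines in the format printed by `ss -ltnH` and lists the TCP ports bound to non-loopback addresses, which are the candidates for a rule like the mysql one above. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: find TCP listeners reachable from outside the loopback interface.
# Input format assumed: `ss -ltnH` output, where field 4 is "local-address:port".

# Constructed sample input (not captured from a real host).
sample_listeners() {
    cat <<'EOF'
LISTEN 0      80           0.0.0.0:3306      0.0.0.0:*
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*
LISTEN 0      128            [::1]:631          [::]:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      128                *:80              *:*
EOF
}

# Print, one per line and sorted, every port whose local address is not loopback.
exposed_ports() {
    awk '
    $1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)     # text before the last colon
        sub(/%.*$/, "", addr)                   # drop interface scope: 127.0.0.53%lo
        gsub(/^\[|\]$/, "", addr)               # [::1] -> ::1
        sub(/^::ffff:/, "", addr)               # IPv4-mapped IPv6 address
        if (addr ~ /^127\./ || addr == "::1")   # loopback only: not visible on the network
            next
        print port
    }' | sort -nu
}

# Run against the constructed sample.
sample_listeners | exposed_ports
```

On a live host the same function can be fed with `ss -ltnH | exposed_ports`.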
