On Fri, Aug 13, 2004 at 09:56:17PM -0400, Tong wrote:
> Hi,
>
> I've just noticed that my debian testing open many ports by default:

Uninstall the respective services. Or, use a firewalling system
(dedicated firewall, iptables, etc...)

To find out what service uses what port:

    stefan:~$ sudo lsof -i tcp:www   # substitute your port name/number
    Password:
    COMMAND PID USER   FD   TYPE DEVICE SIZE NODE NAME
    apache  221 root   16u  IPv4    173       TCP *:www (LISTEN)
    apache  629 root   16u  IPv4    173       TCP *:www (LISTEN)
    apache  630 root   16u  IPv4    173       TCP *:www (LISTEN)
    apache  631 root   16u  IPv4    173       TCP *:www (LISTEN)
    apache  632 root   16u  IPv4    173       TCP *:www (LISTEN)
    apache  633 root   16u  IPv4    173       TCP *:www (LISTEN)

> How can I close them?

Buy a firewall or set up iptables. I'm sure you want to be able to
print/see graphics/ssh in. Note that some services have options to use
UNIX-domain sockets exclusively, such as the X-server (look for
-nolisten tcp, etc).

You probably don't use all of these:

Webserver? If no, no apache.
Dict Server? Disable. The client uses dict.org, not localhost.
XServer? If you don't use the windowing system, get rid of it
  (note: _not_ using it is rare, GNOME/KDE require it)
SSH?
CUPS? (network printing)

As for discard/time/daytime, you need to comment out lines in your
/etc/inetd.conf (but how can you exploit a service whose purpose is to
discard everything you throw at it?)

I share a LAN with my parent's Windoze boxes, and my LAN is already
firewalled, so I didn't worry much about this...
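
Added example, not part of the original message: a shell sketch of the /etc/inetd.conf step mentioned above, which lists the services inetd still offers and comments out the named ones. The sample file contents and the function names are constructed for illustration and assume the classic inetd.conf column layout.

```shell
#!/bin/sh
# Constructed sample in the classic inetd.conf layout (not taken from the thread):
# service  socktype  proto  wait/nowait  user  server  args
sample_inetd_conf() {
cat <<'EOF'
# /etc/inetd.conf (constructed sample)
discard   stream  tcp  nowait  root    internal
discard   dgram   udp  wait    root    internal
daytime   stream  tcp  nowait  root    internal
time      stream  tcp  nowait  root    internal
#echo     stream  tcp  nowait  root    internal
ident     stream  tcp  wait    identd  /usr/sbin/identd  identd
EOF
}

# List the services that are still enabled, as "name/proto", one per line.
# Blank lines and lines starting with '#' are treated as disabled.
active_inetd_services() {
    awk '!/^[ \t]*(#|$)/ { print $1 "/" $3 }'
}

# Comment out every enabled line whose service name is in the argument list.
# Reads the config on stdin and writes the edited config on stdout, so the
# real file is never modified in place.
disable_inetd_services() {
    awk -v names="$*" '
        BEGIN { n = split(names, a, " "); for (i = 1; i <= n; i++) off[a[i]] = 1 }
        !/^[ \t]*(#|$)/ && ($1 in off) { print "#" $0; next }
        { print }
    '
}

# Stand-alone run: what remains enabled once the trivial services are off.
sample_inetd_conf | disable_inetd_services discard daytime time | active_inetd_services
```

On a real system, write the output to a copy, compare it with the original, then install it and have inetd re-read its configuration.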